Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   inactive users, posted by Devin Bougie on Wed Apr 27 21:27:36 2016 
    icon2.gif   Re: inactive users, posted by Stefano Lacaprara on Wed May 31 11:45:06 2017 
       icon4.gif   Re: inactive users, posted by Andreas Luedeke on Wed May 31 13:28:51 2017 
          icon2.gif   Re: inactive users, posted by Stefano Lacaprara on Wed May 31 16:02:46 2017 
             icon2.gif   Re: inactive users, posted by Stefano Lacaprara on Mon Feb 26 18:27:09 2018 elogd.c
                icon2.gif   Re: inactive users, posted by Stefan Ritt on Fri Dec 21 14:59:05 2018 
Message ID: 68745     Entry time: Mon Feb 26 18:27:09 2018     In reply to: 68628     Reply to this: 68880
Icon: Reply  Author: Stefano Lacaprara  Author Email: stefano.lacaprara@pd.infn.it 
Category: Bug report  OS: Linux  ELOG Version: 3.1.3 
Subject: Re: inactive users 
Hi,
  sorry to bother again on this issue, but it is causing me some trouble, as many of my users are using the "SetNone" button in their config page, and doing so they deactivate their account, which I have to 
re-activate manually.

The warning about "Are you sure you want to deactivate your own account ..." is actually triggered only when someone toggle the "active" radio button, but not when the "SetNone" function is used. In that 
case no warning is present, and the user just deactivate his/her account. I'm sure that this is not the intended behavior.

I attach a modified version of elogd.c (based on git c1866af75bb2fe62aa868c4cf562f43a08e4b499 ) with the modified javascript I proposed earlier in this thread.

best,
  Stefano
Attachment 1: elogd.c  1014 kB  | Hide | Hide all
/********************************************************************

   Name:         elogd.c
   Created by:   Stefan Ritt
   Copyright 2000 + Stefan Ritt

   ELOG is free software: you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   ELOG is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   In addition, as a special exception, the copyright holders give
   permission to link the code of portions of this program with the
   OpenSSL library under certain conditions as described in each
   individual source file, and distribute linked combinations
   including the two.
   You must obey the GNU General Public License in all respects
   for all of the code used other than OpenSSL.  If you modify
   file(s) with this exception, you may extend this exception to your
   version of the file(s), but you are not obligated to do so.  If you
   do not wish to do so, delete this exception statement from your
   version.  If you delete this exception statement from all source
   files in the program, then also delete it here.

   You should have received a copy of the GNU General Public License
   along with ELOG.  If not, see <http://www.gnu.org/licenses/>.


   Contents:     Web server program for Electronic Logbook ELOG

\********************************************************************/

#include "elogd.h"
#include "git-revision.h"

const char *_git_revision = GIT_REVISION;

BOOL running_as_daemon;         /* Running as a daemon/service? */
int elog_tcp_port;              /* Server's TCP port            */

static void (*printf_handler) (const char *);   /* Handler to printf for logging */
static void (*fputs_handler) (const char *);    /* Handler to fputs for logging  */
static FILE *current_output_stream = NULL;      /* Currently used output stream  */

char *return_buffer;
int return_buffer_size;
int strlen_retbuf;
int keep_alive;
char header_buffer[20000];
int return_length;
char host_name[256];
char referer[256];
char browser[256];
char config_file[256];
char resource_dir[256];
char logbook_dir[256];
char listen_interface[256];
char theme_name[80];
char http_host[256];
char http_user[256];

char _param[MAX_PARAM][NAME_LENGTH];
char _value[MAX_PARAM][NAME_LENGTH];
char _mtext[TEXT_SIZE];
char _cmdline[CMD_SIZE];
char *_attachment_buffer;
int _attachment_size;
int _max_content_length = MAX_CONTENT_LENGTH;
struct in_addr rem_addr;
char rem_host[256];
char rem_host_ip[256];
int _sock;
BOOL use_keepalive, enable_execute = FALSE;
BOOL ckedit_exist, image_magick_exist;
int _verbose_level, _current_message_id;
int _logging_level, _ssl_flag;

LOGBOOK *lb_list = NULL;

#define VERBOSE_URL     1
#define VERBOSE_INFO    2
#define VERBOSE_DEBUG   3

#ifdef HAVE_SSL
SSL *_ssl_con;
#endif

char *mname[] = { "January", "February", "March", "April", "May", "June", "July", "August", "September",
   "October", "November", "December"
};

char type_list[MAX_N_LIST][NAME_LENGTH] = { "Routine", "Other" };

char category_list[MAX_N_LIST][NAME_LENGTH] = { "General", "Other",
};

char author_list[MAX_N_LIST][NAME_LENGTH] = { "" };

char attr_list[MAX_N_ATTR][NAME_LENGTH];
char attr_options[MAX_N_ATTR][MAX_N_LIST][NAME_LENGTH];
int attr_flags[MAX_N_ATTR];

char attr_list_default[][NAME_LENGTH] = { "Author", "Type", "Category", "Subject", "" };

char attr_options_default[][MAX_N_LIST][NAME_LENGTH] = { {""}, {"Routine", "Other"},
{"General", "Other"}, {""}
};

int attr_flags_default[] = { AF_REQUIRED, 0, 0, 0 };

struct {
   char ext[32];
   char type[80];
} filetype[] = {

   {
   ".AI", "application/postscript"}, {
   ".ASC", "text/plain"}, {
   ".BZ2", "application/x-bzip2"}, {
   ".CFG", "text/plain"}, {
   ".CHRT", "application/x-kchart"}, {
   ".CONF", "text/plain"}, {
   ".CSH", "application/x-csh"}, {
   ".CSS", "text/css"}, {
   ".DOC", "application/msword"}, {
   ".DVI", "application/x-dvi"}, {
   ".EPS", "application/postscript"}, {
   ".GIF", "image/gif"}, {
   ".GZ", "application/x-gzip"}, {
   ".HTM", "text/html"}, {
   ".HTML", "text/html"}, {
   ".ICO", "image/x-icon"}, {
   ".JPEG", "image/jpeg"}, {
   ".JPG", "image/jpeg"}, {
   ".JS", "application/x-javascript"}, {
   ".KPR", "application/x-kpresenter"}, {
   ".KSP", "application/x-kspread"}, {
   ".KWD", "application/x-kword"}, {
   ".MP3", "audio/mpeg"}, {
   ".OGG", "application/x-ogg"}, {
   ".PDF", "application/pdf"}, {
   ".PNG", "image/png"}, {
   ".PS", "application/postscript"}, {
   ".RAM", "audio/x-pn-realaudio"}, {
   ".RM", "audio/x-pn-realaudio"}, {
   ".RM", "audio/x-pn-realaudio"}, {
   ".RM", "audio/x-pn-realaudio"}, {
   ".RPM", "application/x-rpm"}, {
   ".RTF", "application/rtf"}, {
   ".SH", "application/x-sh"}, {
   ".SVG", "image/svg+xml"}, {
   ".TAR", "application/x-tar"}, {
   ".TCL", "application/x-tcl"}, {
   ".TEX", "application/x-tex"}, {
   ".TGZ", "application/x-gzip"}, {
   ".TIF", "image/tiff"}, {
   ".TIFF", "image/tiff"}, {
   ".TXT", "text/plain"}, {
   ".WAV", "audio/x-wav"}, {
   ".XLS", "application/x-msexcel"}, {
   ".XML", "text/xml"}, {
   ".XSL", "text/xml"}, {
   ".ZIP", "application/x-zip-compressed"}, {

      /* Open XML file types */
   ".DOCM", "application/vnd.ms-word.document.macroEnabled.12"}, {
   ".DOCX", "application/vnd.openxmlformats-officedocument.wordprocessingml.document"}, {
   ".DOTM", "application/vnd.ms-word.template.macroEnabled.12"}, {
   ".DOTX", "application/vnd.openxmlformats-officedocument.wordprocessingml.template"}, {
   ".PPSM", "application/vnd.ms-powerpoint.slideshow.macroEnabled.12"}, {
   ".PPSX", "application/vnd.openxmlformats-officedocument.presentationml.slideshow"}, {
   ".PPTM", "application/vnd.ms-powerpoint.presentation.macroEnabled.12"}, {
   ".PPTX", "application/vnd.openxmlformats-officedocument.presentationml.presentation"}, {
   ".XLSB", "application/vnd.ms-excel.sheet.binary.macroEnabled.12"}, {
   ".XLSM", "application/vnd.ms-excel.sheet.macroEnabled.12"}, {
   ".XLSX", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"}, {
   ".XPS", "application/vnd.ms-xpsdocument"}, {

"", ""},};

struct {
   char language[32];
   char abbrev[32];
} lang_table[] = {
   
   { "brazilian",    "br"},
   { "bulgarian",    "bg"},
   { "czech",        "cz"},
   { "danish",       "dk"},
   { "dutch",        "nl"},
   { "french",       "fr"},
   { "german",       "de"},
   { "indonesia",    "id"},
   { "italian",      "it"},
   { "japanese",     "jp"},
   { "polish",       "pl"},
   { "ru_CP1251",    "ru"},
   { "slowak",       "sk"},
   { "spanish",      "es"},
   { "swedish",      "se"},
   { "turkish",      "tr"},
   { "zh_CN-GB2314", "zh"},
   { "zh_CN-UTF8",   "zh"},
   { "", "" }
};

char _convert_cmd[256];
char _identify_cmd[256];

#ifdef OS_WINNT
int run_service(void);
#endif

#ifdef OS_UNIX
gid_t orig_gid;                 /* Original effective GID before dropping privilege */
uid_t orig_uid;                 /* Original effective UID before dropping privilege */
char pidfile[256];              /* Pidfile name                                     */
#endif

#ifdef __CYGWIN__               /* bug in cygwin, 'timezone' not linked automatically */
long _timezone;
#endif

/*---- Funcions from the MIDAS library -----------------------------*/

#define my_toupper(_c)    ( ((_c)>='a' && (_c)<='z') ? ((_c)-'a'+'A') : (_c) )
#define my_tolower(_c)    ( ((_c)>='A' && (_c)<='Z') ? ((_c)-'A'+'a') : (_c) )

BOOL strieq(const char *str1, const char *str2)
{
   char c1, c2;

   if (str1 == NULL && str2 == NULL)
      return TRUE;
   if (str1 == NULL || str2 == NULL)
      return FALSE;
   if (strlen(str1) != strlen(str2))
      return FALSE;

   while (*str1) {
      c1 = *str1++;
      c2 = *str2++;
      if (my_toupper(c1) != my_toupper(c2))
         return FALSE;
   }

   if (*str2)
      return FALSE;

   return TRUE;
}

BOOL strnieq(const char *str1, const char *str2, int n)
{
   char c1, c2;
   int i;

   if (str1 == NULL && str2 == NULL && n == 0)
      return TRUE;
   if (str1 == NULL || str2 == NULL)
      return FALSE;
   if ((int) strlen(str1) < n || (int) strlen(str2) < n)
      return FALSE;

   for (i = 0; i < n && *str1; i++) {
      c1 = *str1++;
      c2 = *str2++;
      if (my_toupper(c1) != my_toupper(c2))
         return FALSE;
   }

   if (i < n)
      return FALSE;

   return TRUE;
}

char *stristr(const char *str, const char *pattern)
{
   char c1, c2, *ps, *pp;

   if (str == NULL || pattern == NULL)
      return NULL;

   while (*str) {
      ps = (char *) str;
      pp = (char *) pattern;
      c1 = *ps;
      c2 = *pp;
      if (my_toupper(c1) == my_toupper(c2)) {
         while (*pp) {
            c1 = *ps;
            c2 = *pp;

            if (my_toupper(c1) != my_toupper(c2))
... 30944 more lines ...
ELOG V3.1.5-3fb85fa6