1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd is copyright (C) 2002-2004 ChatSpike-Dev.
7 * <brain@chatspike.net>
8 * <Craig@chatspike.net>
10 * Written by Craig Edwards, Craig McLure, and others.
11 * This program is free but copyrighted software; see
12 * the file COPYING for details.
14 * ---------------------------------------------------
23 #include <sys/types.h>
24 #include <sys/socket.h>
35 #include "helperfuncs.h"
39 /* $ModDesc: Allows storage of oper credentials in an SQL table */
41 /* Required for the FOREACH_MOD alias (OnOper event) */
43 extern ServerConfig* Config;
44 extern std::vector<Module*> modules;
45 extern std::vector<ircd_module*> factory;
47 class ModuleSQLOper : public Module
57 dbid = Conf->ReadInteger("sqloper","dbid",0,true); // database id of a database configured in m_sql (see m_sql config)
58 SQLModule = Srv->FindModule("m_sql.so");
60 Srv->Log(DEFAULT,"WARNING: m_sqloper.so could not initialize because m_sql.so is not loaded. Load the module and rehash your server.");
64 ModuleSQLOper(Server* Me)
68 Conf = new ConfigReader();
72 virtual void OnRehash(std::string parameter)
75 Conf = new ConfigReader();
79 void Implements(char* List)
81 List[I_OnRehash] = List[I_OnPreCommand] = 1;
84 virtual int OnPreCommand(std::string command, char **parameters, int pcnt, userrec *user, bool validated)
86 if ((command == "OPER") && (validated))
88 if (LookupOper(parameters[0],parameters[1],user))
94 bool LookupOper(std::string username, std::string password, userrec* user)
98 // is the sql module loaded? If not, we don't attempt to do anything.
102 // sanitize the password (we dont want any mysql insertion exploits!)
103 std::string temp = "";
104 for (unsigned int q = 0; q < password.length(); q++)
106 if (password[q] == '\'')
110 else if (password[q] == '"')
112 temp = temp + "\\\"";
114 else temp = temp + password[q];
118 for (unsigned int v = 0; v < username.length(); v++)
120 if (username[v] == '\'')
124 if (username[v] == '"')
126 temp = temp + "\\\"";
128 else temp = temp + username[v];
132 // Create a request containing the SQL query and send it to m_sql.so
133 SQLRequest* query = new SQLRequest(SQL_RESULT,dbid,"SELECT username,password,hostname,type FROM ircd_opers WHERE username='"+username+"' AND password=md5('"+password+"')");
134 Request queryrequest((char*)query, this, SQLModule);
135 SQLResult* result = (SQLResult*)queryrequest.Send();
137 // Did we get "OK" as a result?
138 if (result->GetType() == SQL_OK)
140 Srv->Log(DEBUG,"An SQL based oper exists");
141 // if we did, this means we may now request a row... there should be only one row for each user, so,
142 // we don't need to loop to fetch multiple rows.
143 SQLRequest* rowrequest = new SQLRequest(SQL_ROW,dbid,"");
144 Request rowquery((char*)rowrequest, this, SQLModule);
145 SQLResult* rowresult = (SQLResult*)rowquery.Send();
147 // did we get a row? If we did, we can now do something with the fields
148 if (rowresult->GetType() == SQL_ROW)
150 if (rowresult->GetField("username") == username)
155 for (int j =0; j < Conf->Enumerate("type"); j++)
157 std::string TypeName = Conf->ReadValue("type","name",j);
158 Srv->Log(DEBUG,"Scanning opertype: "+TypeName);
159 std::string pattern = std::string(user->ident) + "@" + std::string(user->host);
161 if((TypeName == rowresult->GetField("type")) && OneOfMatches(pattern.c_str(), rowresult->GetField("hostname").c_str()))
163 /* found this oper's opertype */
164 Srv->Log(DEBUG,"Host and type match: "+TypeName+" "+rowresult->GetField("type"));
165 std::string HostName = Conf->ReadValue("type","host",j);
168 Srv->ChangeHost(user,HostName);
170 strlcpy(user->oper,rowresult->GetField("type").c_str(),NICKMAX-1);
171 WriteOpers("*** %s (%s@%s) is now an IRC operator of type %s",user->nick,user->ident,user->host,rowresult->GetField("type").c_str());
172 WriteServ(user->fd,"381 %s :You are now an IRC operator of type %s",user->nick,rowresult->GetField("type").c_str());
173 if(!strchr(user->modes,'o'))
175 strcat(user->modes,"o");
176 WriteServ(user->fd,"MODE %s :+o",user->nick);
177 FOREACH_MOD(I_OnOper,OnOper(user,rowresult->GetField("type")));
179 FOREACH_MOD(I_OnPostOper,OnPostOper(user,rowresult->GetField("type")));
180 log(DEFAULT,"OPER: %s!%s@%s opered as type: %s",user->nick,user->ident,user->host,rowresult->GetField("type").c_str());
192 // we didn't have a row.
204 query->SetQueryType(SQL_DONE);
205 query->SetConnID(dbid);
206 Request donerequest((char*)query, this, SQLModule);
212 virtual ~ModuleSQLOper()
217 virtual Version GetVersion()
219 return Version(1,0,0,1,VF_VENDOR);
224 class ModuleSQLOperFactory : public ModuleFactory
227 ModuleSQLOperFactory()
231 ~ModuleSQLOperFactory()
235 virtual Module * CreateModule(Server* Me)
237 return new ModuleSQLOper(Me);
243 extern "C" void * init_module( void )
245 return new ModuleSQLOperFactory;
projects / user / henk / code / inspircd.git / blob