Beispiel #1
0
if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") {
    echo "<html><head><title>View Page</title>";
    IntrusionNotify("Bad parameters in filewindow.php");
    echo "<script>window.close();</script></html>";
    exit;
}
$cf = globalconf();
$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]);
$msg = '';
if (isset($_GET["msg"])) {
    $msg = rawurldecode($_GET["msg"]);
}
$p = myhash($_GET["oid"] . $fname . $msg . session_id() . $cf["key"]);
if ($p != $_GET["check"]) {
    echo "<html><head><title>View Page</title>";
    IntrusionNotify("Parameters modified in filewindow.php");
    echo "<script>window.close();</script></html>";
    exit;
}
require_once "db.php";
if ($_GET["oid"] >= 0) {
    $c = DBConnect();
    DBExec($c, "begin work");
    if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) {
        echo "<html><head><title>View Page</title>";
        DBExec($c, "rollback work");
        LOGError("Unable to download file (" . basename($fname) . ")");
        MSGError("Unable to download file (" . basename($fname) . ")");
        echo "<script>window.close();</script></html>";
        exit;
    }
Beispiel #2
0
 $param['maxfilesize'] = $_POST["maxfilesize"] * 1000;
 $param['active'] = 0;
 $param['mainsite'] = $_POST["mainsite"];
 $param['mainsiteurl'] = $_POST["mainsiteurl"];
 $param['unlockkey'] = $_POST["unlockkey"];
 if (isset($_FILES["keyfile"]) && $_FILES["keyfile"]["name"] != "") {
     $type = myhtmlspecialchars($_FILES["keyfile"]["type"]);
     $size = myhtmlspecialchars($_FILES["keyfile"]["size"]);
     $name = myhtmlspecialchars($_FILES["keyfile"]["name"]);
     $temp = myhtmlspecialchars($_FILES["keyfile"]["tmp_name"]);
     if (!is_uploaded_file($temp)) {
         IntrusionNotify("file upload problem.");
         ForceLoad("../index.php");
     }
     if (($ar = file($temp)) === false) {
         IntrusionNotify("Unable to open the uploaded file.");
         ForceLoad("user.php");
     }
     $dd = 0;
     foreach ($ar as $val => $key) {
         $key = trim($key);
         if ($key == '') {
             unset($ar[$val]);
             continue;
         }
         if (substr($key, 10, 5) != '#####') {
             MSGError('Invalid key in the file -- not importing any keys');
             $dd = 0;
             break;
         }
         if (isset($param['unlockkey']) && $param['unlockkey'] != '') {
Beispiel #3
0
     if ($size > $ct["contestmaxfilesize"] || strlen($name) > 100 || strlen($name) < 1) {
         echo "\nRESULT: SUBMITTED FILE (OR NAME) TOO LARGE";
         exit;
     }
 } else {
     $type = myhtmlspecialchars($_FILES["sourcefile"]["type"]);
     $size = myhtmlspecialchars($_FILES["sourcefile"]["size"]);
     $name = myhtmlspecialchars($_FILES["sourcefile"]["name"]);
     $temp = myhtmlspecialchars($_FILES["sourcefile"]["tmp_name"]);
     if ($size > $ct["contestmaxfilesize"]) {
         LOGLevel("User {$_SESSION["usertable"]["username"]} tried to submit file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1);
         MSGError("File size exceeds the limit allowed.");
         ForceLoad($runteam);
     }
     if (!is_uploaded_file($temp) || strlen($name) > 100) {
         IntrusionNotify("file upload problem.");
         ForceLoad("../index.php");
     }
 }
 if (strpos($name, ' ') === true || strpos($temp, ' ') === true || strpos($name, '/') === true || strpos($temp, '/') === true || strpos($name, '`') === true || strpos($temp, '`') === true || strpos($name, '\'') === true || strpos($temp, '\'') === true || strpos($name, "\"") === true || strpos($temp, "\"") === true || strpos($name, '$') === true || strpos($temp, '$') === true) {
     if (isset($_POST['name']) && $_POST['name'] != '') {
         echo "\nRESULT: FILE NAME PROBLEM (EG CANNOT HAVE SPACES)";
         exit;
     }
     MSGError("File name cannot contain spaces.");
     ForceLoad($runteam);
 }
 $ac = array('contest', 'site', 'user', 'problem', 'lang', 'filename', 'filepath');
 $ac1 = array('runnumber', 'rundate', 'rundatediff', 'rundatediffans', 'runanswer', 'runstatus', 'runjudge', 'runjudgesite', 'runjudge1', 'runjudgesite1', 'runanswer1', 'runjudge2', 'runjudgesite2', 'runanswer2', 'autoip', 'autobegindate', 'autoenddate', 'autoanswer', 'autostdout', 'autostderr', 'updatetime');
 $param = array('contest' => $_SESSION["usertable"]["contestnumber"], 'site' => $_SESSION["usertable"]["usersitenumber"], 'user' => $_SESSION["usertable"]["usernumber"], 'problem' => $prob, 'lang' => $lang, 'filename' => $name, 'filepath' => $temp);
 if (isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
Beispiel #4
0
    ob_start();
    header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-cache, must-revalidate");
    header("Pragma: no-cache");
    header("Content-Type: text/html; charset=utf-8");
    session_start();
    ob_end_flush();
    if (isset($_SESSION["usertable"])) {
        $_SESSION["usertable"] = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]);
    } else {
        IntrusionNotify("scoretable1");
        ForceLoad("index.php");
    }
    if (!isset($_SESSION['usertable']['usertype']) || $_SESSION["usertable"]["usertype"] != "score" && $_SESSION["usertable"]["usertype"] != "site") {
        IntrusionNotify("scoretable2");
        ForceLoad("index.php");
    }
}
if (!ValidSession()) {
    InvalidSession("scoretable.php");
    ForceLoad("index.php");
}
$loc = $_SESSION["loc"];
if (!isset($detail)) {
    $detail = true;
}
if (!isset($final)) {
    $final = false;
}
$scoredelay["admin"] = 3;
Beispiel #5
0
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once '../version.php';
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>System's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("system/index.php");
    ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "system") {
    IntrusionNotify("system/index.php");
    ForceLoad("../index.php");
}
echo "</head><body><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . "<br>\n";
list($clockstr, $clocktype) = siteclock();
echo "</td><td bgcolor=\"#eeee00\" align=center nowrap>&nbsp;" . $clockstr . "&nbsp;</td></tr>\n";
echo "</table>\n";
echo "<table border=0 width=\"100%\" align=center>\n";
echo " <tr>\n";
echo "  <td align=center><a class=menu style=\"font-weight:bold\" href=contest.php>Contest</a></td>\n";
echo "  <td align=center><a class=menu style=\"font-weight:bold\" href=importxml.php>Import</a></td>\n";
Beispiel #6
0
<?php

$loc = $locr = "..";
require_once "{$locr}/globals.php";
require_once "{$locr}/db.php";
if (!ValidSession()) {
    InvalidSession("webcast/index.php");
    ForceLoad("{$loc}/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
    IntrusionNotify("webcast/index.php");
    ForceLoad("{$loc}/index.php");
}
$contest = $_SESSION["usertable"]["contestnumber"];
$site = $_SESSION["usertable"]["usersitenumber"];
if (($ct = DBSiteInfo($contest, $site)) == null) {
    ForceLoad("../index.php");
}
if (isset($_GET['full']) && $_GET['full'] > 0) {
    $freezeTime = $ct['siteduration'];
} else {
    $freezeTime = $ct['sitelastmilescore'];
}
Beispiel #7
0
    }
    ForceLoad("task.php");
}
if (isset($_FILES["filename"]) && isset($_POST["Submit"]) && $_FILES["filename"]["name"] != "") {
    if ($_POST["confirmation"] == "confirm") {
        $type = myhtmlspecialchars($_FILES["filename"]["type"]);
        $size = myhtmlspecialchars($_FILES["filename"]["size"]);
        $name = myhtmlspecialchars($_FILES["filename"]["name"]);
        $temp = myhtmlspecialchars($_FILES["filename"]["tmp_name"]);
        if ($size > $ct["contestmaxfilesize"]) {
            LOGLevel("User {$_SESSION["usertable"]["username"]} tried to print file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1);
            MSGError("File size exceeds the limit allowed.");
            ForceLoad("task.php");
        }
        if (!is_uploaded_file($temp)) {
            IntrusionNotify("Printing file upload problem");
            ForceLoad("../index.php");
        }
        $param['contest'] = $_SESSION["usertable"]["contestnumber"];
        $param['site'] = $_SESSION["usertable"]["usersitenumber"];
        $param['user'] = $_SESSION["usertable"]["usernumber"];
        $param['desc'] = "File to print";
        $param['filename'] = $name;
        $param['filepath'] = $temp;
        DBNewTask($param);
    }
    ForceLoad("task.php");
}
?>
<br>
<table width="100%" border=1>
Beispiel #8
0
function DBLogInContest($name, $pass, $contest, $msg = true)
{
    $b = DBGetRow("select * from contesttable where contestnumber={$contest}", 0, null, "DBLogIn(get active contest)");
    if ($b == null) {
        LOGLevel("There is no contest {$contest}.", 0);
        if ($msg) {
            MSGError("There is no contest {$contest}, contact an admin.");
        }
        return false;
    }
    $d = DBSiteInfo($b["contestnumber"], $b["contestlocalsite"], null, false);
    if ($d == null) {
        if ($msg) {
            MSGError("There is no active site, contact an admin.");
        }
        return false;
    }
    $a = DBGetRow("select * from usertable where username='******' and contestnumber=" . $b["contestnumber"] . " and " . "usersitenumber=" . $b["contestlocalsite"], 0, null, "DBLogIn(get user)");
    if ($a == null) {
        if ($msg) {
            LOGLevel("User {$name} tried to log in contest {$contest} but it does not exist.", 2);
            MSGError("User does not exist or incorrect password.");
        }
        return false;
    }
    $a = DBUserInfo($b["contestnumber"], $b["contestlocalsite"], $a['usernumber'], null, false);
    $_SESSION['usertable'] = $a;
    $p = myhash($a["userpassword"] . session_id());
    $_SESSION['usertable']['userpassword'] = $p;
    if ($a["userpassword"] != "" && $p != $pass) {
        LOGLevel("User {$name} tried to log in contest {$contest} but password was incorrect.", 2);
        if ($msg) {
            MSGError("Incorrect password.");
        }
        unset($_SESSION["usertable"]);
        return false;
    }
    if ($d["sitepermitlogins"] == "f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") {
        LOGLevel("User {$name} tried to login contest {$contest} but logins are denied.", 2);
        if ($msg) {
            MSGError("Logins are not allowed.");
        }
        unset($_SESSION["usertable"]);
        return false;
    }
    if ($a["userenabled"] != "t") {
        LOGLevel("User {$name} tried to log in contest {$contest} but it is disabled.", 2);
        if ($msg) {
            MSGError("User disabled.");
        }
        unset($_SESSION["usertable"]);
        return false;
    }
    $gip = getIP();
    if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") {
        LOGLevel("User {$name} is using two different IPs: " . $a["userip"] . "(" . dateconv($a["userlastlogin"]) . ") and " . $gip, 1);
        if ($msg && $a["usertype"] != "admin") {
            MSGError("You are using two distinct IPs. Admin notified.");
        }
    }
    if ($a["userpermitip"] != "") {
        $ips = explode(';', $a["userpermitip"]);
        $gips = explode(';', $gip);
        if (count($gips) < count($ips)) {
            IntrusionNotify("Invalid IP: " . $gip);
            ForceLoad("index.php");
        }
        for ($ipss = 0; $ipss < count($ips); $ipss++) {
            $gipi = $gips[$ipss];
            $ipi = $ips[$ipss];
            if (!match_network($ipi, $gipi)) {
                IntrusionNotify("Invalid IP: " . $gip);
                ForceLoad("index.php");
            }
        }
    }
    $c = DBConnect();
    $t = time();
    if ($a["usertype"] == "team" && $a["usermultilogin"] != "t" && $a["userpermitip"] == "") {
        $r = DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userpermitip='" . $gip . "'," . "userlastlogin={$t}, usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update session)");
    } else {
        DBExec($c, "begin work");
        $sql = "update usertable set usersessionextra='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"] . " and (usersessionextra='' or userip != '" . $gip . "' or userlastlogin<=" . ($t - 86400) . ")";
        DBExec($c, $sql);
        DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userlastlogin={$t}, " . "usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update user)");
        if ($name == 'admin') {
            list($clockstr, $clocktime) = siteclock();
            if ($clocktime < -600) {
                DBExec($c, "update contesttable set contestunlockkey='' where contestnumber=" . $b["contestnumber"], "DBLogInContest(update contest)");
            }
        }
        DBExec($c, "commit work");
    }
    LOGLevel("User {$name} authenticated (" . $gip . ")", 2);
    return $a;
}
Beispiel #9
0
require_once "../globals.php";
require_once "../db.php";
$runteam = 'team.php';
$runphp = "runchief.php";
$runeditphp = "runeditchief.php";
echo "<html><head><title>Judge's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//temporario!!!!
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("judge/index.php");
    ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "judge") {
    IntrusionNotify("judge/index.php");
    ForceLoad("../index.php");
}
if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) {
    ForceLoad("../index.php");
}
if ($s["sitechiefname"] == $_SESSION["usertable"]["username"]) {
    $cc = "338833";
} else {
    $cc = "77cc77";
}
echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n";
echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#{$cc}\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
Beispiel #10
0
}
if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") {
    echo "<html><head><title>Download Page</title>";
    IntrusionNotify("Bad parameters in filedownload.php");
    ForceLoad("index.php");
}
$cf = globalconf();
$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]);
if (isset($_GET["msg"])) {
    $p = myhash($_GET["oid"] . $fname . rawurldecode($_GET["msg"]) . session_id() . $cf["key"]);
} else {
    $p = myhash($_GET["oid"] . $fname . session_id() . $cf["key"]);
}
if ($p != $_GET["check"]) {
    echo "<html><head><title>View Page</title>";
    IntrusionNotify("Parameters modified in filedownload.php. ");
    ForceLoad("index.php");
}
require_once "db.php";
if ($_GET["oid"] >= 0) {
    $c = DBConnect();
    DBExec($c, "begin work");
    if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) {
        echo "<html><head><title>Download Page</title>";
        DBExec($c, "rollback work");
        LOGError("Unable to download file (" . basename($fname) . ")");
        MSGError("Unable to download file (" . basename($fname) . ")");
        ForceLoad("index.php");
    }
    header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
Beispiel #11
0
            exit;
        }
        if (!isset($getx['check'])) {
            ob_end_flush();
            echo "<!-- <ERROR2> " . session_id() . " " . session_id() . " -->\n";
            exit;
        }
    } else {
        ob_end_flush();
        LogLevel("Init connection by IP " . getIP(), 2);
        echo "<!-- <SESSION1> " . session_id() . " " . session_id() . " -->\n";
        exit;
    }
}
if (!ValidSession()) {
    ob_end_flush();
    InvalidSession("site/index.php");
    ForceLoad("../index.php");
    exit;
}
if (isset($getx['check']) && isset($getx["password"]) && $getx['check'] != myhash($getx["password"] . $_SESSION['usertable']['userpassword'])) {
    ob_end_flush();
    echo "<!-- <SESSION2> " . session_id() . " " . $_SESSION['usertable']['usersessionextra'] . " -->\n";
    exit;
}
if ($_SESSION["usertable"]["usertype"] != "site") {
    ob_end_flush();
    IntrusionNotify("site/index.php");
    ForceLoad("../index.php");
    exit;
}
Beispiel #12
0
$runeditphp = "runedit.php";
require_once "{$locr}/globals.php";
require_once "{$locr}/db.php";
if (!isset($_POST['noflush'])) {
    require_once "{$locr}/version.php";
    echo "<html><head><title>Admin's Page</title>\n";
    echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
    echo "<link rel=stylesheet href=\"{$loc}/Css2.php\" type=\"text/css\">\n";
}
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("admin/index.php");
    ForceLoad("{$loc}/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
    IntrusionNotify("admin/index.php");
    ForceLoad("{$loc}/index.php");
}
if (!isset($_POST['noflush'])) {
    echo "</head><body><table border=1 width=\"100%\">\n";
    echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>";
    echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
    echo "<font color=\"#000000\">BOCA</font>";
    echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n";
    echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
    list($clockstr, $clocktype) = siteclock();
    echo "</td><td bgcolor=\"#eeee00\" align=center nowrap>&nbsp;" . $clockstr . "&nbsp;</td></tr>\n";
    echo "</table>\n";
    echo "<table border=0 width=\"100%\" align=center>\n";
    echo " <tr>\n";
    echo "  <td align=center><a class=menu style=\"font-weight:bold\" href=run.php>Runs</a></td>\n";
Beispiel #13
0
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once '../version.php';
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>Score Board Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("score/index.php");
    ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "score") {
    IntrusionNotify("score/index.php");
    ForceLoad("../index.php");
}
echo "</head><body><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#cc9966\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#cc9966\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
//list($clockstr,$clocktype)=siteclock(); // THIS IS SLOW, WE NEED A BETTER OPTION
$clockstr = '';
echo "</td><td bgcolor=\"#cc9966\" align=center nowrap>&nbsp;" . $clockstr . "&nbsp;</td></tr>\n";
echo "</table>\n";
if (!isset($_SESSION["scorenomenu"]) || !$_SESSION["scorenomenu"]) {
    echo "<table border=0 width=\"100%\" align=center>\n";
    echo " <tr>\n";
Beispiel #14
0
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
//$locr = $_SESSION['locr'];
//$loc = $_SESSION['loc'];
$loc = $locr = "../..";
require_once $locr . "/globals.php";
if (!ValidSession()) {
    InvalidSession($_SERVER['PHP_SELF']);
    ForceLoad($loc . "/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
    IntrusionNotify($_SERVER['PHP_SELF']);
    ForceLoad($loc . "/index.php");
}
require_once $locr . "/db.php";
require_once $locr . "/freport.php";
echo "<html><head><title>Report Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"{$loc}/Css.php\" type=\"text/css\">\n";
$contest = $_SESSION["usertable"]["contestnumber"];
if (($ct = DBContestInfo($contest)) == null) {
    ForceLoad($loc . "/index.php");
}
$site = $_SESSION["usertable"]["usersitenumber"];
if (($st = DBSiteInfo($contest, $site)) == null) {
    ForceLoad($loc . "/index.php");
}
Beispiel #15
0
}
if (isset($_POST["answer"]) && isset($_POST["Submit"]) && $_POST["Submit"] == "Judge" && is_numeric($_POST["answer"]) && isset($_POST["sitenumber"]) && isset($_POST["number"]) && is_numeric($_POST["sitenumber"]) && is_numeric($_POST["number"])) {
    // && isset($_POST["notifyuser"]) && isset($_POST["updatescore"])) {
    if ($_POST["confirmation"] == "confirm") {
        $answer = myhtmlspecialchars($_POST["answer"]);
        $sitenumber = myhtmlspecialchars($_POST["sitenumber"]);
        $number = myhtmlspecialchars($_POST["number"]);
        //      	  $notuser = myhtmlspecialchars($_POST["notifyuser"]);
        //	        $updscore = myhtmlspecialchars($_POST["updatescore"]);
        DBUpdateRun($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $answer);
        //, $notuser, $updscore);
    }
    ForceLoad("run.php");
}
if (!isset($_GET["runnumber"]) || !isset($_GET["runsitenumber"]) || !is_numeric($_GET["runnumber"]) || !is_numeric($_GET["runsitenumber"])) {
    IntrusionNotify("tried to open the judge/runedit.php with wrong parameters.");
    ForceLoad("run.php");
}
$runsitenumber = myhtmlspecialchars($_GET["runsitenumber"]);
$runnumber = myhtmlspecialchars($_GET["runnumber"]);
if (($a = DBGetRunToAnswer($runnumber, $runsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) {
    MSGError("Another judge got it first.");
    ForceLoad("run.php");
}
$b = DBGetProblemData($_SESSION["usertable"]["contestnumber"], $a["problemnumber"]);
?>
<br><br><center><b>Use the following fields to judge the run:
</b></center>
<form name="form1" method="post" action="runedit.php">
  <input type=hidden name="confirmation" value="noconfirm" />
  <center>
Beispiel #16
0
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>Staff's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("staff/index.php");
    ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "staff" && $_SESSION["usertable"]["usertype"] != "admin") {
    IntrusionNotify("staff/index.php");
    ForceLoad("../index.php");
}
echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n";
echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#ffa020\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#ffa020\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
list($clockstr, $clocktype) = siteclock();
echo "</td><td bgcolor=\"#ffa020\" align=center nowrap>&nbsp;" . $clockstr . "&nbsp;</td></tr>\n";
echo "</table>\n";
if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) {
    ForceLoad("../index.php");
}
Beispiel #17
0
echo "<html><head><title>Team's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
?>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="/assets/bootstrap/css/bootstrap.min.css">
<!-- Latest compiled and minified JavaScript -->
<script src="/assets/bootstrap/js/bootstrap.min.js"></script>
<?php 
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
    InvalidSession("team/index.php");
    ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "team") {
    IntrusionNotify("team/index.php");
    ForceLoad("../index.php");
}
?>


<div class="container">
<!-- 	<nav class="navbar navbar-default">
		<div class="container-fluid">
			<div class="navbar-header">
				<a class="navbar-brand" href="/team/index.php">
					<span><img alt="BOCA" src="../images/smallballoontransp.png"> Boca</span>
				</a>
			</div>
			<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-4">
				<p class="navbar-text navbar-right">
Beispiel #18
0
                $type = 'site';
            } else {
                $type = 'none';
            }
        }
        if (trim($ans) == "") {
            DBClarGiveUp($number, $sitenumber, $_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usernumber"], $_SESSION["usertable"]["usersitenumber"]);
            MSGError("Clarification returned.");
        } else {
            DBChiefUpdateClar($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $ans, $type);
        }
    }
    ForceLoad("clar.php");
}
if (!isset($_GET["clarnumber"]) || !isset($_GET["clarsitenumber"]) || !is_numeric($_GET["clarnumber"]) || !is_numeric($_GET["clarsitenumber"])) {
    IntrusionNotify("tried to open the admin/claredit.php with wrong parameters.");
    ForceLoad("clar.php");
}
$clarsitenumber = myhtmlspecialchars($_GET["clarsitenumber"]);
$clarnumber = myhtmlspecialchars($_GET["clarnumber"]);
if (($a = DBChiefGetClarToAnswer($clarnumber, $clarsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) {
    MSGError("Another judge got it first.");
    ForceLoad("clar.php");
}
?>
<br><br><center><b>Use the following fields to answer the clarification:
</b></center>
<form name="form1" method="post" action="claredit.php">
  <input type=hidden name="confirmation" value="noconfirm" />
  <center>
    <table border="0">