function decryptData($crypttext, $key, $txt = '') { $crypttext = base64_decode($crypttext); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC); $test1 = ''; $test2 = 'x'; $clen = strlen($crypttext); if ($clen > $iv_size) { $iv = substr($crypttext, $clen - $iv_size, $iv_size); $crypttext = substr($crypttext, 0, $clen - $iv_size); $key = myhash($key . "123456789012345678901234567890"); // . myhash($key); $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, substr(pack("H*", $key), 0, 32), $crypttext, MCRYPT_MODE_CBC, $iv); $pos = strrpos($decrypttext, "#"); $iscompressed = false; if (substr($decrypttext, $pos - 1, 1) == '@') { $iscompressed = true; } $ll = strlen(myshorthash("x")); $test2 = substr($decrypttext, $pos - 1 - $ll, $ll); $decrypttext = substr($decrypttext, 0, $pos - 1 - $ll); $test1 = myshorthash($decrypttext); } if ($test1 != $test2) { if ($txt == '') { MSGError("Decryption error -- contact an admin now (" . getFunctionName() . ")"); } // LogError("Decryption error -- contact an admin, possibly password wrong (" . getFunctionName() .",$txt)"); return ""; } if ($iscompressed) { return unzipstr($decrypttext); } return $decrypttext; }
function DBcrc($contest, $id, $c = null) { $docommit = false; if ($c == null) { $docommit = true; $c = DBConnect(); DBExec($c, "begin work", "DBcrc(begin)"); } if (($f = DB_lo_open($c, $id, "r")) === false) { if ($docommit) { DBExec($c, "commit work", "DBcrc(commit)"); } // just to return a unique string that will not match any other... return "no-HASH-" . rand() . "-" . rand() . "-" . time(); } $str = DB_lo_read($contest, $f); DB_lo_close($f); if ($docommit) { DBExec($c, "commit work", "DBcrc(commit)"); } return myshorthash($str); }
function DBNewProblem($contestnumber, $param, $c = null) { if (isset($param["action"]) && $param["action"] == "delete") { return DBDeleteProblem($contestnumber, $param); } $ac = array('number', 'name'); $type['number'] = 1; $type['updatetime'] = 1; $ac1 = array('colorname', 'fake', 'color', 'updatetime', 'fullname', 'basename', 'inputfilename', 'inputfilepath'); $colorname = ''; $color = ''; $fake = 'f'; foreach ($ac as $key) { if (!isset($param[$key])) { MSGError("DBNewProblem param error: {$key} is not set"); return false; } if (isset($type[$key]) && !is_numeric($param[$key])) { MSGError("DBNewProblem param error: {$key} is not numeric"); return false; } ${$key} = sanitizeText($param[$key]); } $basename = ''; $inputfilename = ''; $inputfilepath = ''; $fullname = ''; $updatetime = -1; foreach ($ac1 as $key) { if (isset($param[$key])) { if (isset($type[$key]) && !is_numeric($param[$key])) { MSGError("DBNewProblem param error: {$key} is not numeric"); return false; } ${$key} = sanitizeText($param[$key]); } } $t = time(); if ($updatetime <= 0) { $updatetime = $t; } $inputhash = ''; $sql2 = "select * from problemtable where contestnumber={$contestnumber} and problemnumber={$number} for update"; // "select * from problemtable where contestnumber=$contestnumber and problemnumber=$number " . // "and probleminputfilename='$inputfilename'"; $cw = false; if ($c == null) { $cw = true; $c = DBConnect(); DBExec($c, "begin work", "DBNewProblem(transaction)"); } $r = DBExec($c, $sql2, "DBNewProblem(get problem for update)"); $n = DBnlines($r); $ret = 1; $oldfullname = ''; $deservesupdatetime = false; if ($n == 0) { DBExec($c, "insert into problemtable (contestnumber, problemnumber, problemname, problemcolor) values " . "({$contestnumber}, {$number}, '{$name}','-1')", "DBNewProblem(insert problem)"); $deservesupdatetime = true; $s = "created"; } else { $lr = DBRow($r, 0); $t = $lr['updatetime']; $oldfullname = $lr['problemfullname']; $s = "updated"; $inputhash = $lr['probleminputfilehash']; } if ($s == "created" || $updatetime > $t) { if (substr($inputfilepath, 0, 7) != "base64:") { if ($inputfilepath != "") { $hash = myshorthash(file_get_contents($inputfilepath)); if ($hash != $inputhash) { $oldoid = ''; if (isset($lr)) { $oldoid = $lr['probleminputfile']; } if (($oid1 = DB_lo_import($c, $inputfilepath)) === false) { DBExec($c, "rollback work", "DBNewProblem(rollback-input)"); LOGError("Unable to create a large object for file {$inputfilename}."); MSGError("problem importing file to database. See log for details!"); exit; } if ($oldoid != '') { DB_lo_unlink($c, $oldoid); } $inputhash = DBcrc($contestnumber, $oid1, $c); } else { $oid1 = $lr['probleminputfile']; } } } else { $inputfilepath = base64_decode(substr($inputfilepath, 7)); $hash = myshorthash($inputfilepath); if ($hash != $inputhash) { $oldoid = ''; if (isset($lr)) { $oldoid = $lr['probleminputfile']; } if (($oid1 = DB_lo_import_text($c, $inputfilepath)) == null) { DBExec($c, "rollback work", "DBNewProblem(rollback-i-import)"); LOGError("Unable to import the large object for file {$inputfilename}."); MSGError("problem importing file to database. See log for details!"); exit; } if ($oldoid != '') { DB_lo_unlink($c, $oldoid); } $inputhash = DBcrc($contestnumber, $oid1, $c); } else { $oid1 = $lr['probleminputfile']; } } if ($name != "") { DBExec($c, "update problemtable set problemname='{$name}' where contestnumber={$contestnumber} " . "and problemnumber={$number}", "DBNewProblem(update name)"); } if ($fullname != "" || strpos($oldfullname, '(DEL)') !== false) { $deservesupdatetime = true; DBExec($c, "update problemtable set problemfullname='{$fullname}' where contestnumber={$contestnumber} " . "and problemnumber={$number}", "DBNewProblem(update fullname)"); } if ($basename != "") { $deservesupdatetime = true; DBExec($c, "update problemtable set problembasefilename='{$basename}' where contestnumber={$contestnumber} " . "and problemnumber={$number}", "DBNewProblem(update basename)"); } if ($colorname != "") { DBExec($c, "update problemtable set problemcolorname='{$colorname}' where contestnumber={$contestnumber} " . "and problemnumber={$number}", "DBNewProblem(update colorname)"); } if ($color != "") { DBExec($c, "update problemtable set problemcolor='{$color}' where contestnumber={$contestnumber} " . "and problemnumber={$number}", "DBNewProblem(update color)"); } if ($inputfilename != "") { $deservesupdatetime = true; DBExec($c, "update problemtable set probleminputfilename='{$inputfilename}' where " . "contestnumber={$contestnumber} and problemnumber={$number} ", "DBNewProblem(update inputfilename)"); } if ($inputfilepath != "") { $deservesupdatetime = true; DBExec($c, "update problemtable set probleminputfile={$oid1},probleminputfilehash='{$inputhash}' where contestnumber={$contestnumber} and " . "problemnumber={$number} ", "DBNewProblem(update inputfile)"); } if ($fake == "t") { $deservesupdatetime = true; DBExec($c, "update problemtable set fake='{$fake}' where contestnumber={$contestnumber} and " . "problemnumber={$number}", "DBNewProblem(update fake)"); } if ($deservesupdatetime) { $ds = DIRECTORY_SEPARATOR; if ($ds == "") { $ds = "/"; } @unlink($_SESSION["locr"] . $ds . "private" . $ds . "problemtmp" . $ds . "contest" . $contestnumber . "-problem" . $number . '.name'); DBExec($c, "update problemtable set updatetime=" . $updatetime . " where contestnumber={$contestnumber} and problemnumber={$number}", "DBNewProblem(time)"); } if ($cw) { DBExec($c, "commit work", "DBNewProblem(commit)"); } LOGLevel("Problem {$number} (inputfile={$inputfilename}) {$s} (user="******"usertable"]["usernumber"] . ",site=" . $_SESSION["usertable"]["usersitenumber"] . ",contest={$contestnumber})", 2); $ret = 2; } else { if ($cw) { DBExec($c, "commit work", "DBNewProblem(commit)"); } } return $ret; }
function zipstr($str) { if (!function_exists('gzcompress')) { MSGError("Compression error -- zlib not installed (" . getFunctionName() . ")"); LogError("Compression error -- zlib not installed (" . getFunctionName() . ")"); } return gzcompress($str . '#' . myshorthash($str)); }
case "probdescfile": $probdescfile = trim($tmp[1]); $i++; for ($j = 1; trim($ar[$i]) != "***{$asep}***"; $j++) { if (substr($probdescfile, 0, 7) != "base64:") { $probdescfilepath .= $ar[$i]; } else { $probdescfilepath .= trim($ar[$i]); } $i++; } if (substr($probdescfile, 0, 7) == "base64:") { $probdescfile = substr($probdescfile, 7); $probdescfilepath = base64_decode($probdescfilepath); } if (trim($probdescfilehash) != "" && myshorthash($probdescfilepath) != trim($probdescfilehash)) { echo "ERROR: Hash of {$probdescfile} does not match<br>\n"; } break; } $i++; if ($i >= count($ar)) { break; } $x = trim($ar[$i]); } if (isset($probnumber) && is_numeric($probnumber) && isset($probname) && isset($probfullname) && isset($probbasename) && isset($probtimelimit) && isset($probcolorname) && isset($probcolor)) { DBNewProblem($nc, $probnumber, $probname, $probfullname, $probbasename, $probinputfile, $probinputfilepath, $probsolfile, $probsolfilepath, 'f', $probdescfile, $probdescfilepath, $probtimelimit, $probcolorname, $probcolor, 1, 1, 1); echo "Problem {$probnumber} created<br>"; } }