uncommenting the following "session_start()" call.
*/
$config['RoleSessionVar'] = 'CKFinder_UserRole';
//session_start();
/*
AccessControl : used to restrict access or features to specific folders.
Many "AccessControl" entries can be added. All attributes are optional.
Subfolders inherit their default settings from their parents' definitions.
- The "role" attribute accepts the special '*' value, which means
"everybody".
- The "resourceType" attribute accepts the special value '*', which
means "all resource types".
*/
$access = isset($_SESSION['user_id']) && permission_admin($_SESSION['user_id']);
$config['AccessControl'][] = array('role' => '*', 'resourceType' => '*', 'folder' => '/', 'folderView' => true, 'folderCreate' => $access, 'folderRename' => $access, 'folderDelete' => $access, 'fileView' => true, 'fileUpload' => $access, 'fileRename' => $access, 'fileDelete' => $access);
/*
For example, if you want to restrict the upload, rename or delete of files in
the "Logos" folder of the resource type "Images", you may uncomment the
following definition, leaving the above one:
$config['AccessControl'][] = Array(
'role' => '*',
'resourceType' => 'Images',
'folder' => '/Logos',
'folderView' => true,
'folderCreate' => true,
'folderRename' => true,
'folderDelete' => true,
<?php
require_once '../include/function.php';
if (!isset($_SESSION['user_id'])) {
redirect('error.php?msg=' . urlencode('Please login first'));
}
if (!permission_admin($_SESSION['user_id'])) {
redirect('error.php?msg=' . urlencode('Access denied'));
}
set_ojinfo('title', 'ECUST Online Judge - Admin');
include '../include/header.php';
?>
Hello?
<?php
include '../include/footer.php';
?>
/**
* log in.
* if the user id and password is correct, return success
* @param string $login_name The key of the option's name
* @param string $login_pwd The key of the option's name
* @return string return success if the user id and password is correct, or return error message
* @example get_ojinfo('title');
*/
function oj_login($login_name, $login_pwd)
{
if (strlen($login_pwd) != 32) {
return 'Please make sure that you have enabled the Javascript.';
}
$login_name = get_to_mysql($login_name);
$login_pwd = get_to_mysql($login_pwd);
$query = "select user_pwd,user_id,name from users where name='{$login_name}'";
$ret = oj_query($query);
$row = mysql_fetch_row($ret);
if (empty($row[0])) {
return 'Wrong User ID.';
}
if ($row[0] != $login_pwd) {
return 'Wrong Password.';
}
// banned?
$login_id = $row[1];
$login_name = $row[2];
$_SESSION['user_name'] = $login_name;
$_SESSION['user_id'] = $login_id;
$_SESSION['is_admin'] = permission_admin($login_id);
$_SESSION['is_judger'] = permission_judger($login_id);
$login_ip = get_ip();
$query = "update users set last_login_ip='{$login_ip}', last_login_time=now() where user_id=" . intval($login_id);
$ret = oj_query($query);
return 'success';
}
if ($clist_show == 'Current') {
if (strlen($where) > 0) {
$where = $where . 'and ';
}
$where = $where . 'end_time>now() and start_time<now() ';
} else {
$clist_show = 'All';
}
}
}
if (strlen($where) > 0) {
$where = 'where ' . $where;
}
$query = $query . $where . "order by contest_id desc limit {$contest_limit} ";
$ret = oj_query($query);
$is_admin = isset($_SESSION['user_id']) && permission_admin($_SESSION['user_id']);
while ($row = mysql_fetch_assoc($ret)) {
if (!isset($clist_max)) {
$clist_max = $row['contest_id'];
$clist_min = $row['contest_id'];
} else {
$clist_min = $row['contest_id'];
}
$clist_contest_id = $row['contest_id'];
echo '<tr>';
echo "<td>{$clist_contest_id}</td>";
$clist_title = htmlspecialchars($row['title']);
echo "<td align=left><a href='showcontest.php?contest_id={$clist_contest_id}'>{$clist_title}</a>";
if ($is_admin) {
echo "<a href='admin_editcontest.php?contest_id={$clist_contest_id}'>[Edit]</a>";
}
if (!isset($_GET['cid'])) {
die('Unknow contest id!');
}
require_once dirname(__FILE__) . '/../include/function.php';
$cid = intval(get_to_mysql($_GET['cid']));
$res = oj_query('Select title, start_time, end_time, description, ispub, start_time<now() as start, end_time<now() as end From contest Where contest_id=' . $cid);
$contest = mysql_fetch_array($res);
$problems = array();
if (empty($contest)) {
die('Contest not founded!');
}
$basedir = '../resource/files/';
$filename = $_GET['cid'] . '_' . $contest['title'] . '_source.zip';
if (false == file_exists($basedir . $filename)) {
if (!(isset($_SESSION['user_id']) && permission_admin($_SESSION['user_id']))) {
die('Permission deny!');
}
if (0 == intval($contest['start'])) {
die('Contest has not began!');
}
if (0 == intval($contest['end'])) {
die('Contest has not ended!');
}
$readme = "Contest: \t{$contest['title']}\r\n\r\nStart time: \t{$contest['start_time']}\r\nEnd time: \t{$contest['end_time']}\r\n\r\nDescript:\r\n {$contest['description']}\r\n\r\nProblem List:\r\n";
$res = oj_query('Select problems.pro_id, title, new_id From contest_problems, problems Where problems.pro_id=contest_problems.pro_id and contest_id=' . $cid);
$contest_problem_map = array();
while ($contest_problem = mysql_fetch_array($res)) {
$contest_problem_map[$contest_problem['pro_id']] = chr(64 + intval($contest_problem['new_id'])) . '_' . $contest_problem['title'];
$problems[$contest_problem_map[$contest_problem['pro_id']]] = array();
$readme .= chr(64 + intval($contest_problem['new_id'])) . " {$contest_problem['title']}\r\n";
