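/**
 * Renders a user's public profile page.
 *
 * The login name is taken from the URL (`$request['path_parts'][1]`) and
 * resolved through api_account_lookup_user_by_name(); the resulting
 * `user_id` drives the `user_profiles` lookup.
 *
 * Changes from the previous version (page markup otherwise identical):
 *  - `$user_id` is cast with intval() before being interpolated into SQL,
 *    so the query no longer depends on the lookup helper returning a clean
 *    integer.
 *  - `image_id` (a stored upload filename) is HTML-escaped before being
 *    placed in the <img src> attribute; it was the only value on the page
 *    that reached the output unescaped.
 *  - A user without a `user_profiles` row no longer triggers an
 *    undefined-index notice on `blurb`.
 *
 * @param array $request  request array; only `path_parts[1]` is read here.
 * @return mixed  value of build_response_ok() or build_response_not_found().
 */
function execute($request)
{
    $user_info = api_account_lookup_user_by_name($request['path_parts'][1]);
    if ($user_info == null) {
        return build_response_not_found("Not account by that name exists.");
    }
    // Only ever used as an integer literal in SQL; cast defensively.
    $user_id = intval($user_info['user_id']);
    $output = array('<h1>' . htmlspecialchars($user_info['name']) . '</h1>');
    $profile = sql_query_item("SELECT * FROM `user_profiles` WHERE `user_id` = {$user_id} LIMIT 1");
    if ($profile == null) {
        $profile = array();
    }
    $image_id = isset($user_info['image_id']) ? $user_info['image_id'] : '';
    if (strlen($image_id) > 0) {
        // Attribute context: image_id comes from storage, not from a literal.
        array_push($output, '<div>', '<img src="/uploads/avatars/' . htmlspecialchars($image_id) . '" />', '</div>');
    }
    $blurb = isset($profile['blurb']) ? trim($profile['blurb']) : '';
    if (strlen($blurb) > 0) {
        array_push($output, '<div>', nl2br(htmlspecialchars($blurb)), '</div>');
    }
    array_push($output, '<div style="padding-top:100px; font-style:italic; color:#888;">', "More interesting stuff will be put here, I promise.", '</div>');
    return build_response_ok($user_info['name'], implode("\n", $output));
}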
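/**
 * Account settings page: avatar upload, password change, e-mail and blurb.
 *
 * GET renders the form; POST applies the submitted changes and re-renders
 * the form with any collected errors. Requires a logged-in user
 * (`$request['user_id']` non-zero).
 *
 * Changes from the previous version (behaviour otherwise preserved):
 *  - `$user_id` is cast with intval() before SQL interpolation.
 *  - Form fields and the files array are read with isset() defaults so a
 *    partial POST does not raise undefined-index notices.
 *  - The old-password check compares hashes with hash_equals().
 *  - The submitted e-mail, the stored image_id and the form action path are
 *    HTML-escaped on output. The e-mail is echoed back on a validation
 *    error, so an unescaped value was a reflected-XSS vector.
 *  - After a successful upload the form shows the new avatar instead of the
 *    stale one read before the POST was processed.
 *
 * NOTE(review): no CSRF token is present on this form; whether the
 * surrounding framework adds one cannot be determined from this file.
 * The `profile_delete_image` checkbox is rendered but never read on POST.
 * A password change does not invalidate other sessions here; if that is
 * expected it has to happen elsewhere.
 *
 * @param array $request  request array: user_id, method, form, files, path, name.
 * @return mixed  value of build_response_ok() or build_response_forbidden().
 */
function execute($request)
{
    // Session-derived id; cast so the SQL below only ever sees an integer literal.
    $user_id = intval($request['user_id']);
    if ($user_id == 0) {
        return build_response_forbidden("You must be logged in to see this page.");
    }
    $has_blurb = true;
    $user_info = api_account_canonicalize_user_db_entry(sql_query_item("SELECT * FROM `users` WHERE `user_id` = {$user_id} LIMIT 1"));
    $user_profile = sql_query_item("SELECT * FROM `user_profiles` WHERE `user_id` = {$user_id} LIMIT 1");
    if ($user_profile == null) {
        $user_profile = array('user_id' => $user_id, 'blurb' => '', 'contact' => '');
        $has_blurb = false;
    }
    $profile_email = $user_info['email_addr'];
    $profile_blurb = $user_profile['blurb'];
    $new_profile_image_path = null;
    $upload_success = false;
    $password_updated = false;
    $width = 0;
    $height = 0;
    $errors = array();
    if ($request['method'] == 'POST') {
        $form = isset($request['form']) ? $request['form'] : array();
        $profile_email = trim(isset($form['profile_email']) ? $form['profile_email'] : '');
        $profile_old_password = isset($form['profile_old_password']) ? $form['profile_old_password'] : '';
        $profile_new_password1 = isset($form['profile_new_password1']) ? $form['profile_new_password1'] : '';
        $profile_new_password2 = isset($form['profile_new_password2']) ? $form['profile_new_password2'] : '';
        $profile_blurb = isset($form['profile_blurb']) ? $form['profile_blurb'] : '';
        $password_change_attempt = strlen($profile_old_password) > 0 || strlen($profile_new_password1) > 0 || strlen($profile_new_password2) > 0;

        // --- avatar upload ---------------------------------------------------
        $files = isset($request['files']) ? $request['files'] : array();
        $upload_avatar = count($files) == 1 && $files[0]['size'] > 0;
        if ($upload_avatar) {
            $file = $files[0];
            if (!$file['is_image']) {
                array_push($errors, "File was not an image.");
            } else {
                $width = intval($file['image_width']);
                $height = intval($file['image_height']);
                // The stored extension is derived from $file['type'], never from the
                // client-supplied filename. Presumably the upload layer sets 'type'
                // from image sniffing (it also supplies is_image/image_width) rather
                // than from the request's Content-Type — TODO confirm at the caller.
                $extension_by_type = array('PNG' => '.png', 'JPG' => '.jpg', 'JPEG' => '.jpg', 'GIF' => '.gif');
                $extension = isset($extension_by_type[$file['type']]) ? $extension_by_type[$file['type']] : null;
                if ($width < 10 || $height < 10) {
                    array_push($errors, "Avatar width and height must be greater than 10 pixels.");
                } elseif ($width > 100 || $height > 100) {
                    array_push($errors, "Avatar must be small enough to fit in a 100x100 pixel box.");
                } elseif ($file['size'] > 50 * 1024) {
                    array_push($errors, "Avatar filesize is too big (limit is 50KB)");
                } elseif ($extension == null) {
                    array_push($errors, "Unknown image format.");
                } else {
                    // Random key as the on-disk name: no traversal or overwrite via the upload's name.
                    $new_profile_image_path = generate_gibberish(10) . $extension;
                    $destination = 'uploads/avatars/' . $new_profile_image_path;
                    if (@copy($file['path'], $destination)) {
                        $upload_success = true;
                    } else {
                        array_push($errors, "An unknown error occurred while copying the image.");
                    }
                }
            }
        }
        if ($upload_success) {
            sql_query("UPDATE `users` SET `image_id` = '" . sql_sanitize_string($new_profile_image_path) . "', `image_dim` = '" . intval($width) . "|" . intval($height) . "' WHERE `user_id` = {$user_id} LIMIT 1");
            // Show the new avatar in the form rendered below, not the pre-POST one.
            $user_info['image_id'] = $new_profile_image_path;
        }

        // --- password change -------------------------------------------------
        if ($password_change_attempt) {
            $old_pass_hash = (string) api_account_hash_password($profile_old_password);
            $row = sql_query_item("SELECT `pass_hash` FROM `users` WHERE `user_id` = {$user_id} LIMIT 1");
            $stored_hash = ($row != null && isset($row['pass_hash'])) ? (string) $row['pass_hash'] : '';
            // Constant-time comparison. Comparing hash outputs for equality implies
            // api_account_hash_password() is deterministic for a given input (no
            // per-hash salt visible from here) — NOTE(review): password_hash()/
            // password_verify() would be the better primitive if the schema allows it.
            if (!hash_equals($stored_hash, $old_pass_hash)) {
                array_push($errors, "Old password was incorrect.");
            } else {
                $result = api_account_validate_password($request['name'], $profile_new_password1, $profile_new_password2);
                if ($result['ERROR']) {
                    $messages = array(
                        'PASSWORDS_DONT_MATCH' => "New passowrd fields didn't match.",
                        'PASSWORD_IS_BLANK' => "Password was blank.",
                        'PASSWORD_SAME_AS_USER' => "Password was same as username.",
                        'PASSWORD_EASY' => "Password is too easy to guess.",
                    );
                    $code = $result['message'];
                    array_push($errors, isset($messages[$code]) ? $messages[$code] : "Invalid password.");
                } else {
                    $password_updated = true;
                    sql_query("UPDATE `users` SET `pass_hash` = '" . sql_sanitize_string(api_account_hash_password($profile_new_password1)) . "' WHERE `user_id` = {$user_id} LIMIT 1");
                }
            }
        }

        // --- e-mail and blurb ------------------------------------------------
        $email_validate = api_account_validate_email($profile_email);
        if ($email_validate['ERROR']) {
            array_push($errors, $email_validate['BLANK_EMAIL'] ? "Email is blank." : "Invalid email.");
        }
        // Any error above (including a failed upload or password change) blocks
        // the e-mail/blurb write, as before.
        if (count($errors) == 0) {
            sql_query("UPDATE `users` SET `email_addr` = '" . sql_sanitize_string($profile_email) . "' WHERE `user_id` = {$user_id} LIMIT 1");
            if ($has_blurb) {
                sql_query("UPDATE `user_profiles` SET `blurb` = '" . sql_sanitize_string($profile_blurb) . "' WHERE `user_id` = {$user_id} LIMIT 1");
            } elseif (strlen(trim($profile_blurb)) > 0) {
                sql_insert('user_profiles', array('user_id' => $user_id, 'blurb' => $profile_blurb));
            }
        }
    }

    // --- render --------------------------------------------------------------
    $output = array('<h1>Account Settings</h1>');
    if ($upload_success) {
        array_push($output, '<div>', "Profile Image Updated", '</div>');
    }
    if ($password_updated) {
        array_push($output, '<div>', "Password updated.", '</div>');
    }
    if (count($errors) > 0) {
        // Error strings are server-side literals; nothing user-supplied is in them.
        array_push($output, '<div style="color:#f00;"><div>', implode('</div><div>', $errors), '</div></div>');
    }
    // Everything below that originates from the request or the database is
    // escaped for HTML attribute/body context.
    array_push($output, '<form action="' . htmlspecialchars($request['path']) . '" method="post" enctype="multipart/form-data">');
    $image_id = isset($user_info['image_id']) ? $user_info['image_id'] : '';
    $has_image = strlen($image_id) > 0;
    array_push($output, '<div style="padding-bottom:20px;">', '<h2>Profile Image</h2>', $has_image ? '<div><img src="/uploads/avatars/' . htmlspecialchars($image_id) . '" /></div>' : '', '<div>', "Update: ", '<input type="file" name="avatar" />', '</div>', '<div>', '<input type="checkbox" name="profile_delete_image" value="1" /> Delete profile image', '</div>', '</div>');
    array_push($output, '<div style="padding-bottom:20px;">', '<h2>Profile Blurb</h2>', '<div>', '<textarea name="profile_blurb" rows="6" style="width:600px;">' . htmlspecialchars($profile_blurb) . '</textarea>', '</div>', '</div>');
    array_push($output, '<div style="padding-bottom:20px;">', '<h2>Email Address</h2>', '<div>', '<input type="text" name="profile_email" value="' . htmlspecialchars($profile_email) . '" style="width:300px;"/>', '</div>', '</div>');
    array_push($output, '<div style="padding-bottom:20px;">', '<h2>Change Password</h2>', '<div>(leave blank to leave as is)</div>', '<table>', '<tr><td>Old Password:</td><td><input type="password" name="profile_old_password" /></td></tr>', '<tr><td>New Password:</td><td><input type="password" name="profile_new_password1" /></td></tr>', '<tr><td>New Password Confirm:</td><td><input type="password" name="profile_new_password2" /></td></tr>', '</table>', '</div>');
    array_push($output, '<div>', '<input type="submit" name="submit" value="Update" />', '</div>');
    array_push($output, '</form>');
    return build_response_ok('Account Settings', implode("\n", $output));
}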
/**
 * Resolves a session token to its user record.
 *
 * Looks up `sessions` by `session_id`. A row whose
 * `last_visit + ttl_hours * 3600` lies in the past is deleted and reported
 * as unknown. Otherwise `last_visit`/`last_ip` are refreshed — only when the
 * last write is older than 120 s or the client IP changed, to limit write
 * traffic — and the user is fetched via api_account_lookup_user_by_id().
 *
 * NOTE(review): an IP change is recorded but never invalidates the session;
 * the token is the sole authenticator here, so its entropy is decided where
 * it is generated, which is not visible in this file.
 *
 * @param string $token_id    session token presented by the client.
 * @param string $current_ip  client address to record on the session row.
 * @return array  api_error("NOT_FOUND") when the token is unknown or expired,
 *                otherwise api_success(user_info).
 */
function api_account_authenticate_with_session($token_id, $current_ip)
{
    $safe_token = sql_sanitize_string($token_id);
    $row = sql_query_item("SELECT * FROM `sessions` WHERE `session_id` = '" . $safe_token . "' LIMIT 1");
    if ($row == null) {
        return api_error("NOT_FOUND");
    }
    $ttl_seconds = $row['ttl_hours'] * 3600;
    $last_visit = $row['last_visit'];
    $now = time();
    if ($last_visit + $ttl_seconds < $now) {
        // Expired: purge the row and treat the token as unknown.
        sql_query("DELETE FROM `sessions` WHERE `session_id` = '" . $safe_token . "' LIMIT 1");
        return api_error("NOT_FOUND");
    }
    $ip_changed = $row['last_ip'] != $current_ip;
    $stale = $last_visit + 120 < $now;
    if ($ip_changed || $stale) {
        sql_query("UPDATE `sessions` SET `last_visit` = {$now}, `last_ip` = '" . sql_sanitize_string($current_ip) . "' WHERE `session_id` = '" . $safe_token . "' LIMIT 1");
    }
    $user_info = api_account_lookup_user_by_id($row['user_id']);
    return api_success($user_info);
}
/**
 * Loads a forum thread by id, optionally with its category attached.
 *
 * When `$fetch_category_info_too` is set, the category is fetched via
 * api_forum_get_category_info() and a non-admin caller gets null if the
 * category's `is_admin_visible` flag is truthy. When the flag is not set,
 * no category-based visibility check happens here at all — callers that
 * pass false are responsible for any such filtering themselves.
 *
 * NOTE(review): if api_forum_get_category_info() returns null, indexing it
 * yields null (falsy), so the thread is returned with a null
 * `category_info`; whether that helper can return null is not visible here.
 *
 * @param int  $user_id                  caller's user id (passed through).
 * @param bool $is_admin                 caller's admin flag.
 * @param int  $thread_id                thread to load; cast with intval() for SQL.
 * @param bool $fetch_category_info_too  also load and attach the category.
 * @return array|null  thread entry, or null when missing / hidden.
 */
function api_forum_get_thread_info($user_id, $is_admin, $thread_id, $fetch_category_info_too = false)
{
    $row = sql_query_item("SELECT * FROM `forum_threads` WHERE `thread_id` = " . intval($thread_id) . " LIMIT 1");
    $thread = api_forum_canonicalize_thread_db_entry($row);
    if ($thread == null) {
        return null;
    }
    if (!$fetch_category_info_too) {
        return $thread;
    }
    $category = api_forum_get_category_info($user_id, $is_admin, $thread['category_id'], false);
    $hidden_from_caller = !$is_admin && $category['is_admin_visible'];
    if ($hidden_from_caller) {
        return null;
    }
    $thread['category_info'] = $category;
    return $thread;
}
/**
 * Fetches a `languages` row by numeric id or by textual key.
 *
 * The argument is treated as an id when its string form equals the string
 * form of its intval() (loose string comparison, as before); it is then
 * interpolated as intval(). Anything else is looked up by `key`, escaped
 * with sql_sanitize_string().
 *
 * @param int|string $language_key_or_id
 * @return array|null  result of sql_query_item().
 */
function api_autograder_get_language_info($language_key_or_id)
{
    $as_text = '' . $language_key_or_id;
    $looks_like_id = $as_text == '' . intval($language_key_or_id);
    if (!$looks_like_id) {
        return sql_query_item("SELECT * FROM `languages` WHERE `key` = '" . sql_sanitize_string($language_key_or_id) . "' LIMIT 1");
    }
    return sql_query_item("SELECT * FROM `languages` WHERE `language_id` = " . intval($language_key_or_id) . " LIMIT 1");
}
    case 403:
    case 404:
    case 500:
        if ($status != 200) {
            http_response_code($status);
        }
        if (!$suppress_skin) {
            echo generate_header($response['title'], $request, $response['js'], $response['css'], $response['onload']);
        }
        echo $response['body'];
        if (!$suppress_skin) {
            echo generate_footer($request);
        }
        break;
    default:
        http_response_code(500);
        echo 'INVALID RESPONSE CODE';
        break;
}
// Records a hit against the requested path in `not_found_tracker`, creating
// the row on first sight. The path is truncated to 200 bytes before both the
// lookup and the insert so the stored key stays consistent.
//
// NOTE(review): this is an unauthenticated write — any client can grow the
// table with distinct unknown URLs, and the select-then-insert pair is not
// atomic under concurrent requests. substr() is byte-wise, so a multibyte
// path may be cut mid-character; harmless for SQL here since the value is
// escaped afterwards.
if ($log_not_found) {
    $path = $request['path'];
    if (strlen($path) > 200) {
        $path = substr($path, 0, 200);
    }
    $safe_path = sql_sanitize_string($path);
    $existing = sql_query_item("SELECT * FROM `not_found_tracker` WHERE `url` = '" . $safe_path . "' LIMIT 1");
    if ($existing != null) {
        sql_query("UPDATE `not_found_tracker` SET `hits` = `hits` + 1 WHERE `url` = '" . $safe_path . "' LIMIT 1");
    } else {
        sql_insert('not_found_tracker', array('url' => $path, 'hits' => 1));
    }
}
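/**
 * Code Golf landing page: rules, the current challenge with its top-3 per
 * language, and a table of all challenges with the caller's scores.
 *
 * Changes from the previous version (markup otherwise unchanged):
 *  - The current challenge's `problem_id` is cast with intval() before it is
 *    spliced into the rankings SQL and the /golf/ links.
 *  - `lang_key` in the per-language <img src> and `login_id` in the profile
 *    links are HTML-escaped, matching how the "All Challenges" table already
 *    escapes `$language['key']`.
 *  - A missing score entry for a (problem, language) pair renders as "N/A"
 *    without an undefined-index notice.
 *
 * NOTE(review): the very first output array ends with a '</div>' that nothing
 * in this function opens. It is left as-is because the page skin
 * (generate_header) may open the element it closes — confirm before removing.
 *
 * @param array $request  request array; `user_id` and `is_admin` are read.
 * @return mixed  value of build_response_ok().
 */
function execute($request)
{
    $output = array('<h1>Code Golf</h1>', "<p><a href=\"https://en.wikipedia.org/wiki/Code_golf\">Code Golf</a> is a competition to see who can solve a programming problem using the fewest [key] \"strokes\".</p>", '</div>');
    $now = time();
    // TODO: migrate to api layer
    $current_challenge = api_autograder_canonicalize_problem(sql_query_item("SELECT * FROM `code_problems` WHERE `type` = 'golf' AND `golf_start_time` <= {$now} AND `golf_end_time` > {$now} LIMIT 1"));
    array_push($output, '<div style="padding-top:20px; margin-bottom:20px;">', '<div class="block" style="float:left; width:460px;">', '<p>' . "A new problem is posted every <s>2 weeks</s> once in a while. " . "During that time you can submit solutions. " . "Once time is up, the highest ranking (shortest) solutions will be awarded points. " . "You may still submit solutions after time is up for practice, but they won't be recorded for scores." . '</p>', '<p>Points are granted as follows on a per-language basis:</p>', '<ul>', '<li>First place: 3 points</li>', '<li>Second place: 2 points</li>', '<li>Third through fifth: 1 point</li>', '</ul>', '<p>Preference is given to earlier solutions in the event of ties. The maximum points you can receive is 3 &times; {number of languages}.</p>', '<p>More about <a href="/about#points">NP points</a>.</p>', '<p>Want a reminder every 2 weeks? New Golf questions will be announced via <a href="https://twitter.com/nerdparadise">twitter</a>.</p>', '</div>', '<div class="block" style="float:left; margin-left:20px; width:400px;">');
    if ($current_challenge == null) {
        array_push($output, '<h2>Current Challenge: None</h2>', '<div>Check back soon or poke <a href="/profiles/blake">Blake</a></div>');
    } else {
        // Integer literal for both the SQL below and the link targets.
        $current_problem_id = intval($current_challenge['problem_id']);
        array_push($output, '<h2>Current Challenge: <a href="/golf/' . $current_problem_id . '">' . htmlspecialchars($current_challenge['title']) . '</a></h2>', '<div><span style="color:#048; font-weight:bold;">' . seconds_to_duration($current_challenge['golf_end_time'] - time()) . '</span> Remain.</div>', '');
        // TODO: migrate to api
        $ranked_entries = sql_query("SELECT r.`user_id`, r.`integer_rank`, r.`code_size`, r.`language_id`, lang.`name` AS 'lang_name', lang.`key` AS 'lang_key' FROM `code_solutions` r INNER JOIN `languages` lang ON (lang.`language_id` = r.`language_id`) WHERE r.`problem_id` = " . $current_problem_id . " AND r.`integer_rank` <= 3 ORDER BY r.`integer_rank`");
        if ($ranked_entries->num_rows == 0) {
            array_push($output, '<p>Currently there are no submissions.</p>', '<p><a href="/golf/' . $current_problem_id . '">Be the first!</a></p>');
        } else {
            array_push($output, '<h2 style="padding-top:20px; padding-bottom:10px;">Rankings</h2>');
            // Group the ranked rows by language key, remembering first-seen order
            // and display names; keys are sorted for stable output.
            $user_ids = array();
            $entries_by_language = array();
            $language_keys = array();
            $language_names = array();
            for ($i = 0; $i < $ranked_entries->num_rows; ++$i) {
                $entry = $ranked_entries->fetch_assoc();
                array_push($user_ids, $entry['user_id']);
                $language_key = $entry['lang_key'];
                if (!isset($entries_by_language[$language_key])) {
                    $entries_by_language[$language_key] = array();
                    array_push($language_keys, $language_key);
                    $language_names[$language_key] = $entry['lang_name'];
                }
                array_push($entries_by_language[$language_key], $entry);
            }
            sort($language_keys);
            $user_infos = api_account_fetch_mini_profiles($user_ids);
            foreach ($language_keys as $language_key) {
                array_push($output, '<h3>', '<img src="/images/languages/' . htmlspecialchars($language_key) . '_small.png" valign="middle" />', htmlspecialchars($language_names[$language_key]), '</h3>', '<table style="width:100%">');
                $rank = 1;
                foreach ($entries_by_language[$language_key] as $entry) {
                    $user_info = $user_infos['user_' . $entry['user_id']];
                    $code_size = intval($entry['code_size']);
                    array_push($output, '<tr>', '<td>#' . $rank . '</td>', '<td><a href="/profiles/' . htmlspecialchars($user_info['login_id']) . '">' . htmlspecialchars($user_info['name']) . '</a></td>', '<td>' . $code_size . ' byte' . ($code_size == 1 ? '' : 's') . '</td>', '</tr>');
                    ++$rank;
                }
                array_push($output, '</table>');
            }
        }
    }
    array_push($output, '</div>', '</div>');
    array_push($output, '<div style="clear:left; padding-top:20px;">', '<div class="fullblock">', '<h2>All Challenges</h2>');
    $languages = api_autograder_get_language_infos(true);
    $problems_and_scores = api_autograder_menu_get_problems($request['user_id'], $request['is_admin'], 'golf', 0, true);
    $ordered_problem_ids = $problems_and_scores['ordered_problem_ids'];
    array_push($output, '<table cellspacing="0" cellpadding="4"><tr style="font-size:14px; font-weight:bold;"><td></td><td></td>');
    foreach ($languages as $language) {
        array_push($output, '<td style="padding-right:30px;">');
        array_push($output, '<img src="/images/languages/' . htmlspecialchars($language['key']) . '_small.png" valign="middle" />');
        array_push($output, htmlspecialchars($language['name']));
        array_push($output, '</td>');
    }
    array_push($output, '</tr>');
    $now = time();
    $alt = true;
    foreach ($ordered_problem_ids as $problem_id) {
        $problem_info = $problems_and_scores['problem_' . $problem_id];
        $is_active = $now < $problem_info['golf_end_time'];
        $alt = !$alt;
        // Active rows are highlighted; finished rows alternate white/grey.
        $bg_color = $is_active ? 'cde' : ($alt ? 'fff' : 'eee');
        array_push($output, '<tr style="' . ($is_active ? 'font-weight:bold;' : '') . 'text-align:center;background-color:#' . $bg_color . ';">', '<td style="text-align:left;"><a href="/golf/' . htmlspecialchars($problem_id) . '">', htmlspecialchars($problem_info['title']), '</a></td>', '<td>');
        if ($is_active) {
            array_push($output, "Ends: " . unix_to_scaling_time($problem_info['golf_end_time']));
        } else {
            array_push($output, "Ended: " . unix_to_scaling_time($problem_info['golf_start_time']));
        }
        array_push($output, '</td>');
        foreach ($languages as $language) {
            $score_key = 'score_' . $problem_id . '_' . $language['language_id'];
            $score = isset($problems_and_scores[$score_key]) ? $problems_and_scores[$score_key] : null;
            if ($score != null && intval($score['code_size']) > 0) {
                array_push($output, '<td>');
                array_push($output, intval($score['code_size']));
                array_push($output, ' (#' . intval($score['integer_rank']) . ')');
                // TODO: little trophy images.
            } else {
                array_push($output, '<td style="color:#888;">');
                array_push($output, 'N/A');
            }
            array_push($output, '</td>');
        }
        array_push($output, '</tr>');
    }
    array_push($output, '</table>');
    array_push($output, '</div>');
    return build_response_ok("Code Golf", implode("\n", $output));
}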