<?php require_once "../include/header.php"; gethead(1, "sess", "评测"); if (!$_POST['pid']) { 异常("你来错地方了!"); } $LIB->hlighter(); $LIB->func_socket(); $p = new DataAccess(); $sql = "select * from problem where pid={$_POST['pid']}"; $p->dosql($sql); $d = $p->rtnrlt(0); if (!$d['submitable'] && !有此权限('查看题目')) { 异常("不可提交!", 取路径("problem/index.php")); } $lang = langstrtonum($_POST['lang']); $info = array(); $info['pid'] = $_POST['pid']; $info['sid'] = $_POST['sid']; $info['uid'] = $_SESSION['ID']; $info['language'] = $lang; $info['pname'] = $d['filename']; $info['datacnt'] = $d['datacnt']; $info['timelimit'] = $d['timelimit']; $ptitle = $d['probname']; $info['memorylimit'] = $d['memorylimit']; $info['plugin'] = $d['plugin']; $info['compiledir'] = $SET['dir_source']; $info['mode'] = "normal"; if ($_POST['testmode'] == '1' && 有此权限('测试题目')) {
<?php require_once "../include/header.php"; gethead(8, "修改用户", ""); $p = new DataAccess(); 过滤(); if ($_GET[action] == "del") { $sql = "select admin,uid from userinfo where uid={$_GET[uid]}"; $cnt = $p->dosql($sql); if (!$cnt) { 异常("无此用户!", 取路径("user/index.php")); } $d = $p->rtnrlt(0); $sql = "delete from userinfo where uid={$_GET[uid]}"; $p->dosql($sql); 提示("删除用户成功!", 取路径("user/index.php")); } else { if ($_GET[action] == "edit") { $tt = ""; $sql = "update userinfo set nickname='{$_POST[nickname]}' ,readforce={$_POST[readforce]} ,email='{$_POST[email]}',memo='{$_POST[memo]}',realname='{$_POST[realname]}',gbelong={$_POST[gbelong]} where uid={$_GET[uid]}"; $p->dosql($sql); if ($_POST['reset'] == "reset") { $sql = "update userinfo set pwdhash='" . encode("") . "' where uid={$_GET[uid]}"; $p->dosql($sql); $ttt = "并且重置密码为空。"; } 提示("编辑用户成功!{$ttt}", 取路径("user/detail.php?uid={$_GET['uid']}")); } }
<?php require_once "../include/header.php"; gethead(8, "admin", ""); 过滤(); $p = new DataAccess(); $sql = "update settings set value='{$_POST[value]}' where ssid={$_REQUEST[ssid]}"; $p->dosql($sql); 提示("修改参数<code>{$_REQUEST[ssid]}</code>成功!", 取路径("admin/settings.php?settings=settings"));
$d = $p->rtnrlt(0); echo "{$d[pwdtipques]}?"; ?> </span></p> <p>上面问题的答案 <input name="ans" type="text" id="ans" /> </p> <p> <button type="submit" class='btn'>下一步</button> <input name="User" type="hidden" id="User" value="<?php echo $_POST['User']; ?> " /> </p> </form> <?php } } else { $sql = "select pwdtipanshash from userinfo where usr='******'User'] . "'"; $p->dosql($sql); $d = $p->rtnrlt(0); if ($d[pwdtipanshash] == encode($_POST[ans])) { $sql = "update userinfo set pwdhash='" . encode("") . "' where usr='******'User'] . "'"; $p->dosql($sql); 提示("密码已经被清空,请立刻登录并修改密码!"); } else { 异常("密码提示问题的答案不正确!", 取路径("user/lost.php")); } } } include_once "../include/footer.php";
<?php require_once "../include/header.php"; gethead(0, "sess", ""); if (!有此权限('查看用户') && $_SESSION['ID'] != $_GET['uid']) { 异常("没有权限,且不是本人!", 取路径("user/detail.php?uid={$_GET['uid']}")); } chdir($SET['dir_source']); $uid = (int) $_GET['uid']; $dir = "{$uid}"; $src = "tmp.zip"; exec("rm {$src}"); $zip = "zip -r {$src} {$dir}"; exec($zip); header("Content-type: application/zip"); header("Content-Disposition: attachment; filename=\"{$dir}.zip\""); @readfile($src); ?>
<?php require_once "../include/header.php"; gethead(8, "sess", ""); 过滤(); $p = new DataAccess(); if (!$_POST['pid']) { 异常("没有选择题目!", 取路径("problem/index.php")); } if (!$_POST['title']) { 异常("没有填写题解名称!", 取路径("problem/problem.php?pid={$_POST['pid']}")); } $sql = "select * from solution where `link`='' limit 1"; $cnt = $p->dosql($sql); if (!$cnt) { $sql1 = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')"; $p->dosql($sql1); } else { 提示("添加题目 {$_POST['pid']} 分类 “{$e['caid']}. {$_POST['cname']}” 成功,虽然它之前就已经存在了!", 取路径("problem/problem.php?pid={$_POST['pid']}")); }
if ($pid) { $sql = "select probname from problem where pid={$pid} limit 1"; $cnt = $p->dosql($sql); if ($cnt) { $e = $p->rtnrlt(0); } else { 异常("无此题目!", 取路径("problem/commentlist.php")); } } else { if ($aid) { $sql = "select title from page where aid={$aid} limit 1"; $cnt = $p->dosql($sql); if ($cnt) { $e = $p->rtnrlt(0); } else { 异常("无此页面!", 取路径("page/index.php")); } } else { 异常("什么也没找到!"); } } ?> <div class='container-fluid'> <form method="post" action="sendcomments.php" class='form-horizontal' id="tijiao"> <div class='modal-header'> <h3><?php echo $cid ? "修改" : "发表"; ?> <?php if ($pid) {
if (!file_exists($_SESSION[ID])) { mkdir($_SESSION[ID]); chmod($_SESSION[ID], 0775); } chdir($_SESSION[ID]); if (file_exists($fname)) { unlink($fname); } move_uploaded_file($_FILES['file']['tmp_name'], $fname); chmod($fname, 0775); if (!file_exists($fname)) { 异常("比赛提交代码文件 {$fname} 失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}")); } $p = new DataAccess(); $sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}"; $cnt = $p->dosql($sql); if ($cnt) { $sql = "update compscore set subtime=" . time() . ",lang={$nlang} where ctid={$_POST[ctid]} and uid={$_SESSION[ID]} and pid={$_POST[pid]}"; $p->dosql($sql); } else { $sql = "insert into compscore(ctid,uid,pid,subtime,lang) values({$_POST[ctid]},{$_SESSION[ID]},{$_POST[pid]}," . time() . ",{$nlang})"; $p->dosql($sql); } $sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}"; $cnt = $p->dosql($sql); if ($cnt) { $d = $p->rtnrlt(0); 提示("比赛提交代码成功!", 取路径("contest/code.php?csid={$d['csid']}")); } else { 异常("比赛提交代码失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}")); }
<?php require_once "../include/header.php"; gethead(8, "分组管理", ""); 过滤(); if ($_REQUEST[action] == 'add') { $p = new DataAccess(); $sql = "insert into groups(gname,memo,adminuid,parent) values('{$_POST[gname]}','{$_POST[memo]}','{$_POST['adminuid']}','{$_POST['parent']}')"; $p->dosql($sql); 提示("添加分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php")); } if ($_REQUEST[action] == 'edit') { $p = new DataAccess(); $sql = "update groups set gname='{$_POST[gname]}',memo='{$_POST[memo]}',adminuid='{$_POST['adminuid']}',parent='{$_POST['parent']}' where gid={$_REQUEST[gid]}"; $p->dosql($sql); 提示("修改分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php")); }
} $subgroup = $LIB->getsubgroup($q, $d['gid']); $subgroup[0] = $d['gid']; $promise = false; foreach ($subgroup as $value) { if ($value == (int) $_SESSION['group']) { $promise = true; break; } } if (!$promise && !有此权限('查看页面')) { exit; } $aid = $d[aid]; } else { 异常("页面不存在!", 取路径("page/index.php")); } ?> <div class='row-fluid'> <div class='page'> <div class="problem tou"> <h1><?php echo $d['title']; if (有此权限('修改页面')) { ?> <a href="editpage.php?action=edit&aid=<?php echo $d['aid']; ?> " title="修改页面 <?php echo $d['title'];
<?php require_once "../include/header.php"; gethead(8, "普通用户", ""); $txt = ""; $path = 路径("images/gravatar") . '/'; $email = $_GET['email']; for ($i = 0; $i <= 200; $i++) { $file = $path . $email . "s{$i}"; if (file_exists($file)) { unlink($file); $txt .= "<p>清除 " . $file . " 中... </p>"; } } 提示($txt . "重建头像缓存完成!", 取路径("user/panel.php"));
gethead(8, "sess", ""); $p = new DataAccess(); $scd = (int) $_POST['showcode']; $uid = (int) $_SESSION['ID']; $pid = (int) $_POST['pid']; $aid = (int) $_POST['aid']; $cid = (int) $_POST['cid']; $detail = mysql_real_escape_string($_POST['detail']); $showcode = (int) $_POST['showcode']; $tm = time(); if ($cid) { $sql = "update comments set detail='{$detail}', stime={$tm} ,showcode={$showcode} where cid={$cid}"; } else { if ($pid) { $sql = "insert into comments(pid,uid,detail,stime,showcode) values({$pid},{$uid},'{$detail}',{$tm} ,{$showcode})"; } else { if ($aid) { $sql = "insert into comments(aid,uid,detail,stime,showcode) values({$aid},{$uid},'{$detail}',{$tm} ,{$showcode})"; } else { 异常("发表评论失败!", 取路径("problem/comments.php")); } } } $cnt = $p->dosql($sql); if ($pid) { 提示("发表评论成功!", 取路径("problem/comments.php?pid={$pid}")); } else { if ($aid) { 提示("发表评论成功!", 取路径("problem/comments.php?aid={$aid}")); } }
exec("tree -ah > /tmp/cogs_back_info.log"); flush(); echo "<p><pre>" . file_get_contents("/tmp/cogs_back_info.log") . "</pre><p>"; if (file_exists("{$filename}.tar.gz")) { echo "<span class=ok>成功导出全部测试数据!</span>"; } else { echo "<span class=no>导出测试数据失败!</span>"; } } else { if ($_POST['backtype'] == "showback") { echo "<h4>备份文件夹<code>{$SET['dir_databackup']}</code>下的内容如下:</h4>"; flush(); exec("tree -ah > /tmp/cogs_back_info.log"); echo "<pre>" . file_get_contents("/tmp/cogs_back_info.log") . "</pre>"; } else { 异常("未定义的操作!", 取路径("admin/backup.php")); } } } } } ?> <a href="backup.php">返回备份与恢复页面</a> </div> <?php chdir($ima); include_once "../include/footer.php"; ?>
正在连接评测机... <?php flush(); $free = $Cp->getgds($_POST['judger']); if (!$free) { //$Cp->unlock(); 异常("当前没有空闲的评测机,请稍后重新提交。", 取路径("problem/problem.php?pid={$_POST['pid']}")); } $Cp->lock(); $Cp->getdir(); if ($_POST['rejudge'] == 1) { $Cp->get_rejudge_src($src); } else { if (!$Cp->getupload()) { $Cp->unlock(); 异常("源代码上传失败。请检查文件大小。", 取路径("problem/problem.php?pid={$_POST['pid']}")); } } ?> <span class='badge badge-info'><?php echo $Cp->state['grid']; ?> </span> <span class='label label-info'><?php echo $Cp->state['name']; ?> <?php echo $Cp->state['ver']; ?> </span> <?php
require_once "../include/header.php"; gethead(8, "修改页面", ""); 过滤(); //date_default_timezone_set("Asia/Shanghai"); if ($_REQUEST[action] == 'add') { $p = new DataAccess(); $sql = "insert into page(title,`force`,`text`,`time`,etime,uid,`group`) values('{$_POST[title]}','{$_POST[force]}','" . $_POST[text] . "','" . time() . "','" . time() . "','{$_SESSION[ID]}','{$_POST['group']}')"; $p->dosql($sql); $d = $p->rtnrlt(0); $aid = $d['aid']; 提示("新建页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}")); } else { if ($_REQUEST[action] == 'edit') { $p = new DataAccess(); $sql = "update page set title='{$_POST[title]}',`force`={$_POST[force]}, etime=" . time() . ",`text`='" . $_POST[text] . "',`group`='{$_POST['group']}' where aid={$_REQUEST[aid]}"; $p->dosql($sql); $aid = $_REQUEST[aid]; 提示("修改页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}")); } else { if ($_REQUEST[action] == 'del') { $p = new DataAccess(); $sql = "delete from page where aid={$_REQUEST[aid]}"; $p->dosql($sql); $aid = 0; 异常("删除页面 {$_REQUEST[aid]} 成功", 取路径("page/index.php")); } } } ?>
<?php require_once "../include/header.php"; gethead(8, "sess", ""); $p = new DataAccess(); $_POST['fromid'] = (int) $_POST['fromid']; $_POST['toid'] = (int) $_POST['toid']; if (!$_POST['fromid']) { 异常("发件人错误!", 取路径("mail/index.php")); } if (!$_POST['toid']) { 异常("收件人错误!", 取路径("mail/index.php")); } if (!$_POST['title']) { 异常("标题错误!", 取路径("mail/index.php")); } if (!$_POST['msg']) { 异常("信件内容错误!", 取路径("mail/index.php")); } $sql = "insert into mail(mid, fromid, toid, time, readed, title, msg) values(0, {$_POST['fromid']}, {$_POST['toid']}, " . time() . ", 0, '{$_POST['title']}', '{$_POST['msg']}')"; $p->dosql($sql); // or die(mysql_error()); 提示("发送邮件成功!", 取路径("mail/index.php"));
} } $sql = "update problem set probname='{$_POST['probname']}',filename='{$_POST[filename]}',readforce={$rf},submitable={$sub},datacnt={$_POST[datacnt]},timelimit={$_POST[timelimit]},memorylimit={$_POST[memorylimit]},detail='" . $_POST['detail'] . "',difficulty={$_POST[difficulty]},plugin='{$_POST['plugin']}',`group`='{$_POST['group']}' where pid={$_REQUEST['pid']}"; $p->dosql($sql); foreach ($_POST[cate] as $k => $v) { $sql = "select tid from tag where caid={$k} and pid={$_REQUEST[pid]}"; $cnt = $p->dosql($sql); if (!$cnt) { if ($v) { $sql = "insert into tag(pid,caid) values({$_REQUEST[pid]},{$k})"; } } else { if (!$v) { $sql = "delete from tag where pid={$_REQUEST[pid]} and caid={$k}"; } } $p->dosql($sql); } $pid = $_REQUEST[pid]; 提示("{$ff} 修改题目 {$pid} 成功!", 取路径("problem/problem.php?pid={$pid}"), 60); } } /* else if ($_REQUEST[action]=='del') { if(!有此权限("修改题目")) 异常("没有修改权限!", 取路径("problem/index.php")); $p=new DataAccess(); $sql="delete from problem where pid={$_REQUEST['pid']}"; $p->dosql($sql); $pid=0; 提示("删除题目 $pid 成功!", 取路径("problem/index.php")); }*/
if (!preg_match('/(\\S{1,20})/', $_POST['nickname'])) { 异常("昵称长度必须在[2,20]中。", $regpage); } if (!preg_match('/(\\S*@\\S*\\.\\S*)/', $_POST['email'])) { 异常("电子邮箱格式不正确。", $regpage); } if (!preg_match('/(\\S{0,8})/', $_POST['realname'])) { 异常("真实姓名长度必须在[0,8]中,应该是汉字。", $regpage); } if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) { 异常("提示问题长度必须在[0,64]中。", $regpage); } if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) { 异常("提示问题答案长度必须在[0,64]中。", $regpage); } $sql = "insert into userinfo(uid,usr,nickname,readforce,admin,regtime,pwdhash,pwdtipques,pwdtipanshash,memo,realname,email,gbelong,user_style,style) values (0, '{$_POST[usr]}','{$_POST[nickname]}','{$SET['reg_readforce']}',0, " . time() . ",'" . encode($_POST[pwd]) . "' ,'{$_POST[passwordtip]}' , '" . encode($_POST[passwordtipans]) . "', '{$_POST[memo]}','{$_POST['realname']}','{$_POST['email']}','{$SET['reg_defgroup']}','{$SET['user_style']}', 0)"; $p->dosql($sql); $sql = "select * from userinfo where usr='******'usr'] . "'"; $cnt2 = $p->dosql($sql); if ($cnt2 == 1) { $d = $p->rtnrlt(0); } else { 异常("用户 {$_POST['usr']} 注册失败!", 取路径("user/register.php?accept=1")); } $tm = time() + 7776000; setcookie("cogs_usr", $_POST[usr], $tm, "/"); setcookie("cogs_pwd_hash", encode($_POST[pwd]), $tm, "/"); 提示("用户 {$_POST['usr']} 注册成功!生成头像缓存需要一定时间等耐心等待……<p>之后你可以更改你的个人信息看看。", 取路径("user/panel.php")); } else { 异常("用户 {$_POST['usr']} 已存在!", 取路径("user/register.php?accept=1")); }
$p = new DataAccess(); $sql = "update grader set address='{$_POST['address']}',priority='{$_POST['priority']}',enabled='{$enabled}',memo='{$_POST['memo']}' where grid={$_REQUEST[grid]}"; $p->dosql($sql); 提示("修改评测机 {$_POST['address']} 成功!", 取路径("submit/graderlist.php")); } if ($_REQUEST['action'] == 'start') { $p = new DataAccess(); $sql = "select address from grader where grid={$_GET[grid]}"; $cnt = $p->dosql($sql); $d = $p->rtnrlt(0); $s['action'] = "start"; httpsocket($d['address'], $s); if ($s['state'] == "successful") { 提示("启动评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php")); } else { 异常("启动评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php")); } } if ($_REQUEST['action'] == 'stop') { $p = new DataAccess(); $sql = "select address from grader where grid={$_GET[grid]}"; $cnt = $p->dosql($sql); $d = $p->rtnrlt(0); $s['action'] = "shutdown"; httpsocket($d['address'], $s); if ($s['state'] == "successful") { 提示("关闭评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php")); } else { 异常("关闭评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php")); } }
<?php require_once "../include/header.php"; gethead(1, "sess", "登录日志", $_GET['uid']); $p = new DataAccess(); if ($_GET['uid'] != $_SESSION['ID'] && !有此权限("查看用户")) { 异常("不是本人并且没有权限查看!", 取路径("user/detail.php?uid={$_GET['uid']}")); } ?> <form action="" method="get" class='form-inline center'> 检索: 用户UID <input name="uid" type="number" value="<?php echo $_GET['uid']; ?> " class='span1' /> <button type="submit" class='btn btn-primary'>检索</button> </form> <?php $sql = "select login.*,userinfo.email,userinfo.realname from login,userinfo where login.uid=userinfo.uid"; if ($_GET['uid']) { $sql .= " and login.uid={$_GET['uid']}"; } $sql .= " order by ltime desc"; $cnt = $p->dosql($sql); $st = 检测页面($cnt, $_GET['page']); ?> <div class='row-fluid'> <table class='table table-striped table-condensed table-bordered fiexd'> <thead><tr> <th width=40px>编号</th>
$pb = 1; } } if (!有此权限('查看比赛')) { if (time() < $e[starttime]) { i异常("比赛尚未开始!", 取路径("contest/index.php")); } if ($d[readforce] > $_SESSION[readforce]) { i异常("你没有该场比赛的参与权限!", 取路径("contest/index.php")); } if ($_SESSION['ID'] != $_GET['uid'] && time() < $e[endtime]) { $uid = $_SESSION['ID']; } } } else { i异常("未查询到记录!", 取路径("contest/index.php")); } gethead(1, "", "{$e['cname']} - {$d['pid']}. {$d['probname']}"); $LIB->mathjax(); $r = new DataAccess(); ?> <div class='row-fluid'> <div id='leftbar' class='span4'> <table class='table table-striped table-condensed table-bordered fiexd'> <tr> <th style="width: 5em;">比赛名称</th> <td><b><?php echo $e[cname]; ?> </b></td>
<?php require_once "../include/header.php"; $p = new DataAccess(); $sql = "select compbase.cname,problem.pid,problem.filename,problem.probname,userinfo.uid,userinfo.nickname,userinfo.realname,comptime.endtime,compscore.* from problem,compscore,comptime,compbase,userinfo where compscore.pid=problem.pid and comptime.ctid=compscore.ctid and userinfo.uid=compscore.uid and compscore.csid={$_GET[csid]} and compbase.cbid=comptime.cbid"; $cnt = $p->dosql($sql); if ($cnt) { $d = $p->rtnrlt(0); if (!有此权限("查看比赛") && (time() < $d['endtime'] && $_SESSION['ID'] != $d['uid'])) { 异常("比赛未结束!", 取路径("contest/index.php")); } if ($d[lang] == 0) { $ext = "pas"; } else { if ($d[lang] == 1) { $ext = "c"; } else { if ($d[lang] == 2) { $ext = "cpp"; } } } $fp = fopen("{$SET['dir_competition']}{$d[ctid]}/{$d[uid]}/{$d[filename]}.{$ext}", "r"); if (is_resource($fp)) { $code = rfile($fp); } fclose($fp); $code = mb_convert_encoding($code, "utf-8", "gbk"); } else { 异常("提交记录不存在"); }
<?php require_once "../include/header.php"; $p = new DataAccess(); $uid = (int) $_GET['uid']; $user = $_GET['user']; if ($uid) { $sql = "select userinfo.*,groups.gname,groups.gid from userinfo,groups where userinfo.uid={$uid} and userinfo.gbelong=groups.gid"; } else { $sql = "select userinfo.*,groups.gname,groups.gid from userinfo,groups where (userinfo.uid='{$user}' OR userinfo.nickname='{$user}' OR userinfo.realname='{$user}' OR userinfo.usr='******') and userinfo.gbelong=groups.gid"; } $cnt = $p->dosql($sql); if (!$cnt) { 异常("无此用户!", 取路径("user/index.php")); } $d = $p->rtnrlt(0); $uid = $d['uid']; gethead(1, "", "{$d['nickname']}", $uid); $q = new DataAccess(); ?> <div class='row-fluid'> <div class='span4'> <table class='table table-striped table-condensed table-bordered fiexd'> <tr> <th style="width: 5em;">用户编号</th> <td><?php echo $d['uid']; ?> </td> </tr> <tr>
<?php require_once "../include/header.php"; gethead(8, "修改比赛", ""); if ($_REQUEST[action] == 'add') { $p = new DataAccess(); @($cons = implode(":", $_POST[cons])); $sql = "insert into compbase(cname,contains,ouid) values('{$_POST[cname]}','{$cons}',{$_SESSION[ID]})"; $p->dosql($sql); 提示("添加比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php")); } if ($_REQUEST[action] == 'edit') { $p = new DataAccess(); @($cons = implode(":", $_POST[cons])); $sql = "update compbase set cname='{$_POST[cname]}',contains='{$cons}' where cbid={$_REQUEST[cbid]}"; $p->dosql($sql); 提示("修改比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php")); }
<?php require_once "../include/header.php"; gethead(8, "修改比赛", ""); 过滤(); if ($_REQUEST[action] == 'add') { $p = new DataAccess(); $starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]); $endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]); $sc = 0; if ($_POST[showscore]) { $sc = 1; } $sql = "insert into comptime(cbid,intro,starttime,endtime,showscore,`group`) values('{$_POST[cbid]}','{$_POST[intro]}',{$starttime},{$endtime},{$sc},'{$_POST['group']}')"; $p->dosql($sql); 提示("添加比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php")); } if ($_REQUEST[action] == 'edit') { $p = new DataAccess(); $starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]); $endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]); $sc = 0; if ($_POST[showscore]) { $sc = 1; } $sql = "update comptime set cbid='{$_POST[cbid]}',intro='{$_POST[intro]}',starttime={$starttime},endtime={$endtime},showscore={$sc},`group`={$_POST['group']} where ctid={$_REQUEST[ctid]}"; $p->dosql($sql); 提示("修改比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php")); }
if (!$pwd) { $pwd = $_COOKIE['cogs_pwd_hash']; } $sql = "select * from userinfo where usr='******'"; $cnt = $p->dosql($sql); if ($cnt == 0) { i异常("用户不存在!", 取路径("user/login.php")); } else { $d = $p->rtnrlt(0); if ($pwd == $d['pwdhash'] || encode($_REQUEST['password']) == $d['pwdhash']) { $LIB->get_userinfo($d['uid']); $q = new DataAccess(); $sql = "UPDATE `userinfo` SET `lastip` = '{$_SERVER['REMOTE_ADDR']}' WHERE `uid` ={$d['uid']}"; $q->dosql($sql); $sql = "insert into login(uid,ua,ip,ltime,version) values({$d['uid']},'" . mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']) . "','{$_SERVER['REMOTE_ADDR']}',NOW(),'" . mysql_real_escape_string($cfg['dir_root']) . "')"; if ($SET['login_log']) { $q->dosql($sql); } if ($_REQUEST['savepwd']) { $tm = time() + 7776000; setcookie("cogs_usr", $usr, $tm, "/"); setcookie("cogs_pwd_hash", $d['pwdhash'], $tm, "/"); } if (!$_REQUEST['from']) { $_REQUEST['from'] = base64_encode("/" . $SET['global_root']); } i提示("用户 {$d['nickname']} 登录成功!{$_REQUEST['savepwd']}", $_REQUEST['from']); } else { i异常("密码错误,登录失败!", 取路径("user/login.php")); } }
} else { 异常("旧密码不正确!", 取路径("user/panel.php")); } } else { 异常("两次输入的密码不匹配!", 取路径("user/panel.php")); } } else { if ($_POST[action] == "editpwdans") { $p = new DataAccess(); $sql = "select pwdhash,nickname from userinfo where uid={$_GET[uid]}"; $p->dosql($sql); $d = $p->rtnrlt(0); $uid = (int) $_GET['uid']; if ($d['pwdhash'] == encode($_POST['opwd'])) { if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) { 异常("提示问题长度必须在[0,64]中。", $regpage); } if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) { 异常("提示问题答案长度必须在[0,64]中。", $regpage); } $que = htmlspecialchars($_POST['qus']); $ans = encode($_POST['ans']); $sql = "update userinfo set pwdtipques='{$que}',pwdtipanshash='{$ans}' where uid={$uid}"; $p->dosql($sql); 提示("用户 {$nickname} 的密码提示问题修改成功!", 取路径("user/panel.php")); } else { 异常("旧密码不正确!", 取路径("user/panel.php")); } } } }
$promise = false; if ($uid == $d['addid']) { $promise = true; } foreach ($subgroup as $value) { if ($value == (int) $_SESSION['group']) { $promise = true; break; } } if (!$promise && !有此权限('查看题目')) { 异常("没有阅读权限!", 取路径("problem/index.php")); } $pid = $d[pid]; } else { 异常("无此题目!!", 取路径("problem/index.php")); } ?> <div class='row-fluid'> <div id="leftbar" class='span4'> <table class='table table-striped table-condensed table-bordered fiexd'> <tr><th style="min-width: 5em;">题目名称</th> <td style="min-width: 80%;"><?php echo $d['pid']; ?> . <b><?php echo $d['probname']; ?> </b></td></tr> <tr><th>输入输出</th>
<?php require_once "../include/header.php"; gethead(8, "分类管理", ""); 过滤(); if ($_REQUEST['action'] == 'add') { $p = new DataAccess(); $sql = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')"; $p->dosql($sql); 提示("添加分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php")); } if ($_REQUEST['action'] == 'edit') { $p = new DataAccess(); $sql = "update category set cname='{$_POST['cname']}',memo='{$_POST['memo']}' where caid={$_REQUEST['caid']}"; $p->dosql($sql); 提示("编辑分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php")); }