<?php
require_once "../include/header.php";
gethead(1, "sess", "评测");
if (!$_POST['pid']) {
异常("你来错地方了!");
}
$LIB->hlighter();
$LIB->func_socket();
$p = new DataAccess();
$sql = "select * from problem where pid={$_POST['pid']}";
$p->dosql($sql);
$d = $p->rtnrlt(0);
if (!$d['submitable'] && !有此权限('查看题目')) {
异常("不可提交!", 取路径("problem/index.php"));
}
$lang = langstrtonum($_POST['lang']);
$info = array();
$info['pid'] = $_POST['pid'];
$info['sid'] = $_POST['sid'];
$info['uid'] = $_SESSION['ID'];
$info['language'] = $lang;
$info['pname'] = $d['filename'];
$info['datacnt'] = $d['datacnt'];
$info['timelimit'] = $d['timelimit'];
$ptitle = $d['probname'];
$info['memorylimit'] = $d['memorylimit'];
$info['plugin'] = $d['plugin'];
$info['compiledir'] = $SET['dir_source'];
$info['mode'] = "normal";
if ($_POST['testmode'] == '1' && 有此权限('测试题目')) {
<?php
require_once "../include/header.php";
gethead(8, "修改用户", "");
$p = new DataAccess();
过滤();
if ($_GET[action] == "del") {
$sql = "select admin,uid from userinfo where uid={$_GET[uid]}";
$cnt = $p->dosql($sql);
if (!$cnt) {
异常("无此用户!", 取路径("user/index.php"));
}
$d = $p->rtnrlt(0);
$sql = "delete from userinfo where uid={$_GET[uid]}";
$p->dosql($sql);
提示("删除用户成功!", 取路径("user/index.php"));
} else {
if ($_GET[action] == "edit") {
$tt = "";
$sql = "update userinfo set nickname='{$_POST[nickname]}' ,readforce={$_POST[readforce]} ,email='{$_POST[email]}',memo='{$_POST[memo]}',realname='{$_POST[realname]}',gbelong={$_POST[gbelong]} where uid={$_GET[uid]}";
$p->dosql($sql);
if ($_POST['reset'] == "reset") {
$sql = "update userinfo set pwdhash='" . encode("") . "' where uid={$_GET[uid]}";
$p->dosql($sql);
$ttt = "并且重置密码为空。";
}
提示("编辑用户成功!{$ttt}", 取路径("user/detail.php?uid={$_GET['uid']}"));
}
}
<?php
require_once "../include/header.php";
gethead(8, "admin", "");
过滤();
$p = new DataAccess();
$sql = "update settings set value='{$_POST[value]}' where ssid={$_REQUEST[ssid]}";
$p->dosql($sql);
提示("修改参数<code>{$_REQUEST[ssid]}</code>成功!", 取路径("admin/settings.php?settings=settings"));
$d = $p->rtnrlt(0);
echo "{$d[pwdtipques]}?";
?>
</span></p>
<p>上面问题的答案
<input name="ans" type="text" id="ans" />
</p>
<p>
<button type="submit" class='btn'>下一步</button>
<input name="User" type="hidden" id="User" value="<?php
echo $_POST['User'];
?>
" />
</p>
</form>
<?php
}
} else {
$sql = "select pwdtipanshash from userinfo where usr='******'User'] . "'";
$p->dosql($sql);
$d = $p->rtnrlt(0);
if ($d[pwdtipanshash] == encode($_POST[ans])) {
$sql = "update userinfo set pwdhash='" . encode("") . "' where usr='******'User'] . "'";
$p->dosql($sql);
提示("密码已经被清空,请立刻登录并修改密码!");
} else {
异常("密码提示问题的答案不正确!", 取路径("user/lost.php"));
}
}
}
include_once "../include/footer.php";
<?php
require_once "../include/header.php";
gethead(0, "sess", "");
if (!有此权限('查看用户') && $_SESSION['ID'] != $_GET['uid']) {
异常("没有权限,且不是本人!", 取路径("user/detail.php?uid={$_GET['uid']}"));
}
chdir($SET['dir_source']);
$uid = (int) $_GET['uid'];
$dir = "{$uid}";
$src = "tmp.zip";
exec("rm {$src}");
$zip = "zip -r {$src} {$dir}";
exec($zip);
header("Content-type: application/zip");
header("Content-Disposition: attachment; filename=\"{$dir}.zip\"");
@readfile($src);
?>
<?php
require_once "../include/header.php";
gethead(8, "sess", "");
过滤();
$p = new DataAccess();
if (!$_POST['pid']) {
异常("没有选择题目!", 取路径("problem/index.php"));
}
if (!$_POST['title']) {
异常("没有填写题解名称!", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
$sql = "select * from solution where `link`='' limit 1";
$cnt = $p->dosql($sql);
if (!$cnt) {
$sql1 = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')";
$p->dosql($sql1);
} else {
提示("添加题目 {$_POST['pid']} 分类 “{$e['caid']}. {$_POST['cname']}” 成功,虽然它之前就已经存在了!", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
if ($pid) {
$sql = "select probname from problem where pid={$pid} limit 1";
$cnt = $p->dosql($sql);
if ($cnt) {
$e = $p->rtnrlt(0);
} else {
异常("无此题目!", 取路径("problem/commentlist.php"));
}
} else {
if ($aid) {
$sql = "select title from page where aid={$aid} limit 1";
$cnt = $p->dosql($sql);
if ($cnt) {
$e = $p->rtnrlt(0);
} else {
异常("无此页面!", 取路径("page/index.php"));
}
} else {
异常("什么也没找到!");
}
}
?>
<div class='container-fluid'>
<form method="post" action="sendcomments.php" class='form-horizontal' id="tijiao">
<div class='modal-header'>
<h3><?php
echo $cid ? "修改" : "发表";
?>
<?php
if ($pid) {
if (!file_exists($_SESSION[ID])) {
mkdir($_SESSION[ID]);
chmod($_SESSION[ID], 0775);
}
chdir($_SESSION[ID]);
if (file_exists($fname)) {
unlink($fname);
}
move_uploaded_file($_FILES['file']['tmp_name'], $fname);
chmod($fname, 0775);
if (!file_exists($fname)) {
异常("比赛提交代码文件 {$fname} 失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}"));
}
$p = new DataAccess();
$sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}";
$cnt = $p->dosql($sql);
if ($cnt) {
$sql = "update compscore set subtime=" . time() . ",lang={$nlang} where ctid={$_POST[ctid]} and uid={$_SESSION[ID]} and pid={$_POST[pid]}";
$p->dosql($sql);
} else {
$sql = "insert into compscore(ctid,uid,pid,subtime,lang) values({$_POST[ctid]},{$_SESSION[ID]},{$_POST[pid]}," . time() . ",{$nlang})";
$p->dosql($sql);
}
$sql = "select csid from compscore where uid={$_SESSION[ID]} and pid={$_POST[pid]} and ctid={$_POST[ctid]}";
$cnt = $p->dosql($sql);
if ($cnt) {
$d = $p->rtnrlt(0);
提示("比赛提交代码成功!", 取路径("contest/code.php?csid={$d['csid']}"));
} else {
异常("比赛提交代码失败!", 取路径("contest/problem.php?pid={$_POST['pid']}&ctid={$_POST['ctid']}"));
}
<?php
require_once "../include/header.php";
gethead(8, "分组管理", "");
过滤();
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$sql = "insert into groups(gname,memo,adminuid,parent) values('{$_POST[gname]}','{$_POST[memo]}','{$_POST['adminuid']}','{$_POST['parent']}')";
$p->dosql($sql);
提示("添加分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$sql = "update groups set gname='{$_POST[gname]}',memo='{$_POST[memo]}',adminuid='{$_POST['adminuid']}',parent='{$_POST['parent']}' where gid={$_REQUEST[gid]}";
$p->dosql($sql);
提示("修改分组 {$_POST[gname]} 成功!", 取路径("user/grouplist.php"));
}
}
$subgroup = $LIB->getsubgroup($q, $d['gid']);
$subgroup[0] = $d['gid'];
$promise = false;
foreach ($subgroup as $value) {
if ($value == (int) $_SESSION['group']) {
$promise = true;
break;
}
}
if (!$promise && !有此权限('查看页面')) {
exit;
}
$aid = $d[aid];
} else {
异常("页面不存在!", 取路径("page/index.php"));
}
?>
<div class='row-fluid'>
<div class='page'>
<div class="problem tou">
<h1><?php
echo $d['title'];
if (有此权限('修改页面')) {
?>
<a href="editpage.php?action=edit&aid=<?php
echo $d['aid'];
?>
" title="修改页面 <?php
echo $d['title'];
<?php
require_once "../include/header.php";
gethead(8, "普通用户", "");
$txt = "";
$path = 路径("images/gravatar") . '/';
$email = $_GET['email'];
for ($i = 0; $i <= 200; $i++) {
$file = $path . $email . "s{$i}";
if (file_exists($file)) {
unlink($file);
$txt .= "<p>清除 " . $file . " 中... </p>";
}
}
提示($txt . "重建头像缓存完成!", 取路径("user/panel.php"));
gethead(8, "sess", "");
$p = new DataAccess();
$scd = (int) $_POST['showcode'];
$uid = (int) $_SESSION['ID'];
$pid = (int) $_POST['pid'];
$aid = (int) $_POST['aid'];
$cid = (int) $_POST['cid'];
$detail = mysql_real_escape_string($_POST['detail']);
$showcode = (int) $_POST['showcode'];
$tm = time();
if ($cid) {
$sql = "update comments set detail='{$detail}', stime={$tm} ,showcode={$showcode} where cid={$cid}";
} else {
if ($pid) {
$sql = "insert into comments(pid,uid,detail,stime,showcode) values({$pid},{$uid},'{$detail}',{$tm} ,{$showcode})";
} else {
if ($aid) {
$sql = "insert into comments(aid,uid,detail,stime,showcode) values({$aid},{$uid},'{$detail}',{$tm} ,{$showcode})";
} else {
异常("发表评论失败!", 取路径("problem/comments.php"));
}
}
}
$cnt = $p->dosql($sql);
if ($pid) {
提示("发表评论成功!", 取路径("problem/comments.php?pid={$pid}"));
} else {
if ($aid) {
提示("发表评论成功!", 取路径("problem/comments.php?aid={$aid}"));
}
}
exec("tree -ah > /tmp/cogs_back_info.log");
flush();
echo "<p><pre>" . file_get_contents("/tmp/cogs_back_info.log") . "</pre><p>";
if (file_exists("{$filename}.tar.gz")) {
echo "<span class=ok>成功导出全部测试数据!</span>";
} else {
echo "<span class=no>导出测试数据失败!</span>";
}
} else {
if ($_POST['backtype'] == "showback") {
echo "<h4>备份文件夹<code>{$SET['dir_databackup']}</code>下的内容如下:</h4>";
flush();
exec("tree -ah > /tmp/cogs_back_info.log");
echo "<pre>" . file_get_contents("/tmp/cogs_back_info.log") . "</pre>";
} else {
异常("未定义的操作!", 取路径("admin/backup.php"));
}
}
}
}
}
?>
<a href="backup.php">返回备份与恢复页面</a>
</div>
<?php
chdir($ima);
include_once "../include/footer.php";
?>
正在连接评测机...
<?php
flush();
$free = $Cp->getgds($_POST['judger']);
if (!$free) {
//$Cp->unlock();
异常("当前没有空闲的评测机,请稍后重新提交。", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
$Cp->lock();
$Cp->getdir();
if ($_POST['rejudge'] == 1) {
$Cp->get_rejudge_src($src);
} else {
if (!$Cp->getupload()) {
$Cp->unlock();
异常("源代码上传失败。请检查文件大小。", 取路径("problem/problem.php?pid={$_POST['pid']}"));
}
}
?>
<span class='badge badge-info'><?php
echo $Cp->state['grid'];
?>
</span>
<span class='label label-info'><?php
echo $Cp->state['name'];
?>
<?php
echo $Cp->state['ver'];
?>
</span>
<?php
require_once "../include/header.php";
gethead(8, "修改页面", "");
过滤();
//date_default_timezone_set("Asia/Shanghai");
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$sql = "insert into page(title,`force`,`text`,`time`,etime,uid,`group`) values('{$_POST[title]}','{$_POST[force]}','" . $_POST[text] . "','" . time() . "','" . time() . "','{$_SESSION[ID]}','{$_POST['group']}')";
$p->dosql($sql);
$d = $p->rtnrlt(0);
$aid = $d['aid'];
提示("新建页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}"));
} else {
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$sql = "update page set title='{$_POST[title]}',`force`={$_POST[force]}, etime=" . time() . ",`text`='" . $_POST[text] . "',`group`='{$_POST['group']}' where aid={$_REQUEST[aid]}";
$p->dosql($sql);
$aid = $_REQUEST[aid];
提示("修改页面 {$_POST[title]} 成功", 取路径("page/page.php?aid={$aid}"));
} else {
if ($_REQUEST[action] == 'del') {
$p = new DataAccess();
$sql = "delete from page where aid={$_REQUEST[aid]}";
$p->dosql($sql);
$aid = 0;
异常("删除页面 {$_REQUEST[aid]} 成功", 取路径("page/index.php"));
}
}
}
?>
<?php
require_once "../include/header.php";
gethead(8, "sess", "");
$p = new DataAccess();
$_POST['fromid'] = (int) $_POST['fromid'];
$_POST['toid'] = (int) $_POST['toid'];
if (!$_POST['fromid']) {
异常("发件人错误!", 取路径("mail/index.php"));
}
if (!$_POST['toid']) {
异常("收件人错误!", 取路径("mail/index.php"));
}
if (!$_POST['title']) {
异常("标题错误!", 取路径("mail/index.php"));
}
if (!$_POST['msg']) {
异常("信件内容错误!", 取路径("mail/index.php"));
}
$sql = "insert into mail(mid, fromid, toid, time, readed, title, msg) values(0, {$_POST['fromid']}, {$_POST['toid']}, " . time() . ", 0, '{$_POST['title']}', '{$_POST['msg']}')";
$p->dosql($sql);
// or die(mysql_error());
提示("发送邮件成功!", 取路径("mail/index.php"));
}
}
$sql = "update problem set probname='{$_POST['probname']}',filename='{$_POST[filename]}',readforce={$rf},submitable={$sub},datacnt={$_POST[datacnt]},timelimit={$_POST[timelimit]},memorylimit={$_POST[memorylimit]},detail='" . $_POST['detail'] . "',difficulty={$_POST[difficulty]},plugin='{$_POST['plugin']}',`group`='{$_POST['group']}' where pid={$_REQUEST['pid']}";
$p->dosql($sql);
foreach ($_POST[cate] as $k => $v) {
$sql = "select tid from tag where caid={$k} and pid={$_REQUEST[pid]}";
$cnt = $p->dosql($sql);
if (!$cnt) {
if ($v) {
$sql = "insert into tag(pid,caid) values({$_REQUEST[pid]},{$k})";
}
} else {
if (!$v) {
$sql = "delete from tag where pid={$_REQUEST[pid]} and caid={$k}";
}
}
$p->dosql($sql);
}
$pid = $_REQUEST[pid];
提示("{$ff} 修改题目 {$pid} 成功!", 取路径("problem/problem.php?pid={$pid}"), 60);
}
}
/* else if ($_REQUEST[action]=='del') {
if(!有此权限("修改题目"))
异常("没有修改权限!", 取路径("problem/index.php"));
$p=new DataAccess();
$sql="delete from problem where pid={$_REQUEST['pid']}";
$p->dosql($sql);
$pid=0;
提示("删除题目 $pid 成功!", 取路径("problem/index.php"));
}*/
if (!preg_match('/(\\S{1,20})/', $_POST['nickname'])) {
异常("昵称长度必须在[2,20]中。", $regpage);
}
if (!preg_match('/(\\S*@\\S*\\.\\S*)/', $_POST['email'])) {
异常("电子邮箱格式不正确。", $regpage);
}
if (!preg_match('/(\\S{0,8})/', $_POST['realname'])) {
异常("真实姓名长度必须在[0,8]中,应该是汉字。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) {
异常("提示问题长度必须在[0,64]中。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) {
异常("提示问题答案长度必须在[0,64]中。", $regpage);
}
$sql = "insert into userinfo(uid,usr,nickname,readforce,admin,regtime,pwdhash,pwdtipques,pwdtipanshash,memo,realname,email,gbelong,user_style,style) values (0, '{$_POST[usr]}','{$_POST[nickname]}','{$SET['reg_readforce']}',0, " . time() . ",'" . encode($_POST[pwd]) . "' ,'{$_POST[passwordtip]}' , '" . encode($_POST[passwordtipans]) . "', '{$_POST[memo]}','{$_POST['realname']}','{$_POST['email']}','{$SET['reg_defgroup']}','{$SET['user_style']}', 0)";
$p->dosql($sql);
$sql = "select * from userinfo where usr='******'usr'] . "'";
$cnt2 = $p->dosql($sql);
if ($cnt2 == 1) {
$d = $p->rtnrlt(0);
} else {
异常("用户 {$_POST['usr']} 注册失败!", 取路径("user/register.php?accept=1"));
}
$tm = time() + 7776000;
setcookie("cogs_usr", $_POST[usr], $tm, "/");
setcookie("cogs_pwd_hash", encode($_POST[pwd]), $tm, "/");
提示("用户 {$_POST['usr']} 注册成功!生成头像缓存需要一定时间等耐心等待……<p>之后你可以更改你的个人信息看看。", 取路径("user/panel.php"));
} else {
异常("用户 {$_POST['usr']} 已存在!", 取路径("user/register.php?accept=1"));
}
$p = new DataAccess();
$sql = "update grader set address='{$_POST['address']}',priority='{$_POST['priority']}',enabled='{$enabled}',memo='{$_POST['memo']}' where grid={$_REQUEST[grid]}";
$p->dosql($sql);
提示("修改评测机 {$_POST['address']} 成功!", 取路径("submit/graderlist.php"));
}
if ($_REQUEST['action'] == 'start') {
$p = new DataAccess();
$sql = "select address from grader where grid={$_GET[grid]}";
$cnt = $p->dosql($sql);
$d = $p->rtnrlt(0);
$s['action'] = "start";
httpsocket($d['address'], $s);
if ($s['state'] == "successful") {
提示("启动评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php"));
} else {
异常("启动评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php"));
}
}
if ($_REQUEST['action'] == 'stop') {
$p = new DataAccess();
$sql = "select address from grader where grid={$_GET[grid]}";
$cnt = $p->dosql($sql);
$d = $p->rtnrlt(0);
$s['action'] = "shutdown";
httpsocket($d['address'], $s);
if ($s['state'] == "successful") {
提示("关闭评测机 {$_GET[grid]} 成功!", 取路径("submit/graderlist.php"));
} else {
异常("关闭评测机 {$_GET[grid]} 失败!", 取路径("submit/graderlist.php"));
}
}
<?php
require_once "../include/header.php";
gethead(1, "sess", "登录日志", $_GET['uid']);
$p = new DataAccess();
if ($_GET['uid'] != $_SESSION['ID'] && !有此权限("查看用户")) {
异常("不是本人并且没有权限查看!", 取路径("user/detail.php?uid={$_GET['uid']}"));
}
?>
<form action="" method="get" class='form-inline center'>
检索: 用户UID
<input name="uid" type="number" value="<?php
echo $_GET['uid'];
?>
" class='span1' />
<button type="submit" class='btn btn-primary'>检索</button>
</form>
<?php
$sql = "select login.*,userinfo.email,userinfo.realname from login,userinfo where login.uid=userinfo.uid";
if ($_GET['uid']) {
$sql .= " and login.uid={$_GET['uid']}";
}
$sql .= " order by ltime desc";
$cnt = $p->dosql($sql);
$st = 检测页面($cnt, $_GET['page']);
?>
<div class='row-fluid'>
<table class='table table-striped table-condensed table-bordered fiexd'>
<thead><tr>
<th width=40px>编号</th>
$pb = 1;
}
}
if (!有此权限('查看比赛')) {
if (time() < $e[starttime]) {
i异常("比赛尚未开始!", 取路径("contest/index.php"));
}
if ($d[readforce] > $_SESSION[readforce]) {
i异常("你没有该场比赛的参与权限!", 取路径("contest/index.php"));
}
if ($_SESSION['ID'] != $_GET['uid'] && time() < $e[endtime]) {
$uid = $_SESSION['ID'];
}
}
} else {
i异常("未查询到记录!", 取路径("contest/index.php"));
}
gethead(1, "", "{$e['cname']} - {$d['pid']}. {$d['probname']}");
$LIB->mathjax();
$r = new DataAccess();
?>
<div class='row-fluid'>
<div id='leftbar' class='span4'>
<table class='table table-striped table-condensed table-bordered fiexd'>
<tr>
<th style="width: 5em;">比赛名称</th>
<td><b><?php
echo $e[cname];
?>
</b></td>
<?php
require_once "../include/header.php";
$p = new DataAccess();
$sql = "select compbase.cname,problem.pid,problem.filename,problem.probname,userinfo.uid,userinfo.nickname,userinfo.realname,comptime.endtime,compscore.* from problem,compscore,comptime,compbase,userinfo where compscore.pid=problem.pid and comptime.ctid=compscore.ctid and userinfo.uid=compscore.uid and compscore.csid={$_GET[csid]} and compbase.cbid=comptime.cbid";
$cnt = $p->dosql($sql);
if ($cnt) {
$d = $p->rtnrlt(0);
if (!有此权限("查看比赛") && (time() < $d['endtime'] && $_SESSION['ID'] != $d['uid'])) {
异常("比赛未结束!", 取路径("contest/index.php"));
}
if ($d[lang] == 0) {
$ext = "pas";
} else {
if ($d[lang] == 1) {
$ext = "c";
} else {
if ($d[lang] == 2) {
$ext = "cpp";
}
}
}
$fp = fopen("{$SET['dir_competition']}{$d[ctid]}/{$d[uid]}/{$d[filename]}.{$ext}", "r");
if (is_resource($fp)) {
$code = rfile($fp);
}
fclose($fp);
$code = mb_convert_encoding($code, "utf-8", "gbk");
} else {
异常("提交记录不存在");
}
<?php
require_once "../include/header.php";
$p = new DataAccess();
$uid = (int) $_GET['uid'];
$user = $_GET['user'];
if ($uid) {
$sql = "select userinfo.*,groups.gname,groups.gid from userinfo,groups where userinfo.uid={$uid} and userinfo.gbelong=groups.gid";
} else {
$sql = "select userinfo.*,groups.gname,groups.gid from userinfo,groups where (userinfo.uid='{$user}' OR userinfo.nickname='{$user}' OR userinfo.realname='{$user}' OR userinfo.usr='******') and userinfo.gbelong=groups.gid";
}
$cnt = $p->dosql($sql);
if (!$cnt) {
异常("无此用户!", 取路径("user/index.php"));
}
$d = $p->rtnrlt(0);
$uid = $d['uid'];
gethead(1, "", "{$d['nickname']}", $uid);
$q = new DataAccess();
?>
<div class='row-fluid'>
<div class='span4'>
<table class='table table-striped table-condensed table-bordered fiexd'>
<tr>
<th style="width: 5em;">用户编号</th>
<td><?php
echo $d['uid'];
?>
</td>
</tr>
<tr>
<?php
require_once "../include/header.php";
gethead(8, "修改比赛", "");
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
@($cons = implode(":", $_POST[cons]));
$sql = "insert into compbase(cname,contains,ouid) values('{$_POST[cname]}','{$cons}',{$_SESSION[ID]})";
$p->dosql($sql);
提示("添加比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
@($cons = implode(":", $_POST[cons]));
$sql = "update compbase set cname='{$_POST[cname]}',contains='{$cons}' where cbid={$_REQUEST[cbid]}";
$p->dosql($sql);
提示("修改比赛 {$_POST[cname]} 成功!", 取路径("contest/compbase.php"));
}
<?php
require_once "../include/header.php";
gethead(8, "修改比赛", "");
过滤();
if ($_REQUEST[action] == 'add') {
$p = new DataAccess();
$starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]);
$endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]);
$sc = 0;
if ($_POST[showscore]) {
$sc = 1;
}
$sql = "insert into comptime(cbid,intro,starttime,endtime,showscore,`group`) values('{$_POST[cbid]}','{$_POST[intro]}',{$starttime},{$endtime},{$sc},'{$_POST['group']}')";
$p->dosql($sql);
提示("添加比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php"));
}
if ($_REQUEST[action] == 'edit') {
$p = new DataAccess();
$starttime = mktime($_POST[st_h], $_POST[st_i], $_POST[st_s], $_POST[st_m], $_POST[st_d], $_POST[st_y]);
$endtime = mktime($_POST[et_h], $_POST[et_i], $_POST[et_s], $_POST[et_m], $_POST[et_d], $_POST[et_y]);
$sc = 0;
if ($_POST[showscore]) {
$sc = 1;
}
$sql = "update comptime set cbid='{$_POST[cbid]}',intro='{$_POST[intro]}',starttime={$starttime},endtime={$endtime},showscore={$sc},`group`={$_POST['group']} where ctid={$_REQUEST[ctid]}";
$p->dosql($sql);
提示("修改比赛场次 {$_POST[cbid]} - {$_POST[intro]} 成功!", 取路径("contest/compbase.php"));
}
if (!$pwd) {
$pwd = $_COOKIE['cogs_pwd_hash'];
}
$sql = "select * from userinfo where usr='******'";
$cnt = $p->dosql($sql);
if ($cnt == 0) {
i异常("用户不存在!", 取路径("user/login.php"));
} else {
$d = $p->rtnrlt(0);
if ($pwd == $d['pwdhash'] || encode($_REQUEST['password']) == $d['pwdhash']) {
$LIB->get_userinfo($d['uid']);
$q = new DataAccess();
$sql = "UPDATE `userinfo` SET `lastip` = '{$_SERVER['REMOTE_ADDR']}' WHERE `uid` ={$d['uid']}";
$q->dosql($sql);
$sql = "insert into login(uid,ua,ip,ltime,version) values({$d['uid']},'" . mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']) . "','{$_SERVER['REMOTE_ADDR']}',NOW(),'" . mysql_real_escape_string($cfg['dir_root']) . "')";
if ($SET['login_log']) {
$q->dosql($sql);
}
if ($_REQUEST['savepwd']) {
$tm = time() + 7776000;
setcookie("cogs_usr", $usr, $tm, "/");
setcookie("cogs_pwd_hash", $d['pwdhash'], $tm, "/");
}
if (!$_REQUEST['from']) {
$_REQUEST['from'] = base64_encode("/" . $SET['global_root']);
}
i提示("用户 {$d['nickname']} 登录成功!{$_REQUEST['savepwd']}", $_REQUEST['from']);
} else {
i异常("密码错误,登录失败!", 取路径("user/login.php"));
}
}
} else {
异常("旧密码不正确!", 取路径("user/panel.php"));
}
} else {
异常("两次输入的密码不匹配!", 取路径("user/panel.php"));
}
} else {
if ($_POST[action] == "editpwdans") {
$p = new DataAccess();
$sql = "select pwdhash,nickname from userinfo where uid={$_GET[uid]}";
$p->dosql($sql);
$d = $p->rtnrlt(0);
$uid = (int) $_GET['uid'];
if ($d['pwdhash'] == encode($_POST['opwd'])) {
if (!preg_match('/(.{0,64})/', $_POST['passwordtip'])) {
异常("提示问题长度必须在[0,64]中。", $regpage);
}
if (!preg_match('/(.{0,64})/', $_POST['passwordtipans'])) {
异常("提示问题答案长度必须在[0,64]中。", $regpage);
}
$que = htmlspecialchars($_POST['qus']);
$ans = encode($_POST['ans']);
$sql = "update userinfo set pwdtipques='{$que}',pwdtipanshash='{$ans}' where uid={$uid}";
$p->dosql($sql);
提示("用户 {$nickname} 的密码提示问题修改成功!", 取路径("user/panel.php"));
} else {
异常("旧密码不正确!", 取路径("user/panel.php"));
}
}
}
}
$promise = false;
if ($uid == $d['addid']) {
$promise = true;
}
foreach ($subgroup as $value) {
if ($value == (int) $_SESSION['group']) {
$promise = true;
break;
}
}
if (!$promise && !有此权限('查看题目')) {
异常("没有阅读权限!", 取路径("problem/index.php"));
}
$pid = $d[pid];
} else {
异常("无此题目!!", 取路径("problem/index.php"));
}
?>
<div class='row-fluid'>
<div id="leftbar" class='span4'>
<table class='table table-striped table-condensed table-bordered fiexd'>
<tr><th style="min-width: 5em;">题目名称</th>
<td style="min-width: 80%;"><?php
echo $d['pid'];
?>
. <b><?php
echo $d['probname'];
?>
</b></td></tr>
<tr><th>输入输出</th>
<?php
require_once "../include/header.php";
gethead(8, "分类管理", "");
过滤();
if ($_REQUEST['action'] == 'add') {
$p = new DataAccess();
$sql = "insert into category(cname,memo) values('{$_POST['cname']}','{$_POST['memo']}')";
$p->dosql($sql);
提示("添加分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php"));
}
if ($_REQUEST['action'] == 'edit') {
$p = new DataAccess();
$sql = "update category set cname='{$_POST['cname']}',memo='{$_POST['memo']}' where caid={$_REQUEST['caid']}";
$p->dosql($sql);
提示("编辑分类 {$_POST['cname']} 成功!", 取路径("problem/catelist.php"));
}
