// // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. //////////////////////////////////////////////////////////////////////////////// // Last modified 05/aug/2012 by cassio@ime.usp.br require 'header.php'; if (($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null) { ForceLoad("{$loc}/index.php"); } if (isset($_GET["delete"]) && is_numeric($_GET["delete"])) { $param["number"] = $_GET["delete"]; if (!DBDeleteAnswer($_SESSION["usertable"]["contestnumber"], $param)) { MSGError('Error deleting answer'); LogError('Error deleting answer'); } ForceLoad("answer.php"); } if (isset($_POST["Submit3"]) && isset($_POST["answernumber"]) && is_numeric($_POST["answernumber"]) && isset($_POST["answername"]) && $_POST["answername"] != "" && isset($_POST["answeryes"])) { if ($_POST["confirmation"] == "confirm") { $param["number"] = $_POST["answernumber"]; $param["name"] = $_POST["answername"]; $param["yes"] = $_POST["answeryes"]; DBNewAnswer($_SESSION["usertable"]["contestnumber"], $param); } ForceLoad("answer.php"); } ?>
function DBNewAnswer($contest, $param, $c = null) { if (isset($param["action"]) && $param["action"] == "delete") { return DBDeleteAnswer($contestnumber, $param, $c); } $ac = array('number', 'name', 'yes'); $type['number'] = 1; foreach ($ac as $key) { if (!isset($param[$key])) { MSGError("DBNewAnswer param error: {$key} is not set"); return false; } ${$key} = sanitizeText($param[$key]); if (isset($type[$key]) && !is_numeric($param[$key])) { MSGError("DBNewAnswer param error: {$key} is not numeric"); return false; } } $t = time(); $updatetime = $t; if (isset($param['updatetime']) && is_numeric($param["updatetime"])) { $updatetime = $param["updatetime"]; } if ($yes != "t") { $y = "f"; } else { $y = "t"; } $cw = false; if ($c == null) { $cw = true; $c = DBConnect(); DBExec($c, "begin work", "DBNewAnswer(transaction)"); } $r = DBExec($c, "select * from answertable as a where a.contestnumber={$contest} and a.answernumber={$number} for update", "DBNewAnswer(get answer)"); $n = DBnlines($r); $ret = 1; if ($n == 0) { $ret = 2; DBExec($c, "insert into answertable (contestnumber, answernumber, runanswer, yes, updatetime) values " . "({$contest}, {$number}, '{$name}', '{$y}', {$t})", "DBNewAnswer(insert answer)"); if ($cw) { DBExec($c, "commit work", "DBNewAnswer(commit)"); } LOGLevel("Answer {$number} inserted (contest={$contest},user="******"usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . ")", 2); } else { $lr = DBRow($r, 0); if ($updatetime > $lr['updatetime']) { $ret = 2; DBExec($c, "update answertable set runanswer='{$name}', yes='{$y}', updatetime=" . $updatetime . " where " . "contestnumber={$contest} and answernumber={$number} and fake='f'", "DBNewAnswer(update answer)"); if ($cw) { DBExec($c, "commit work", "DBNewAnswer(commit)"); } LOGLevel("Answer {$number} updated (contest={$contest},user="******"usertable"]["username"] . "/" . $_SESSION["usertable"]["usersitenumber"] . ")", 2); } else { if ($cw) { DBExec($c, "commit work", "DBNewAnswer(commit)"); } } } return $ret; }