if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") {
echo "<html><head><title>View Page</title>";
IntrusionNotify("Bad parameters in filewindow.php");
echo "<script>window.close();</script></html>";
exit;
}
$cf = globalconf();
$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]);
$msg = '';
if (isset($_GET["msg"])) {
$msg = rawurldecode($_GET["msg"]);
}
$p = myhash($_GET["oid"] . $fname . $msg . session_id() . $cf["key"]);
if ($p != $_GET["check"]) {
echo "<html><head><title>View Page</title>";
IntrusionNotify("Parameters modified in filewindow.php");
echo "<script>window.close();</script></html>";
exit;
}
require_once "db.php";
if ($_GET["oid"] >= 0) {
$c = DBConnect();
DBExec($c, "begin work");
if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) {
echo "<html><head><title>View Page</title>";
DBExec($c, "rollback work");
LOGError("Unable to download file (" . basename($fname) . ")");
MSGError("Unable to download file (" . basename($fname) . ")");
echo "<script>window.close();</script></html>";
exit;
}
$param['maxfilesize'] = $_POST["maxfilesize"] * 1000;
$param['active'] = 0;
$param['mainsite'] = $_POST["mainsite"];
$param['mainsiteurl'] = $_POST["mainsiteurl"];
$param['unlockkey'] = $_POST["unlockkey"];
if (isset($_FILES["keyfile"]) && $_FILES["keyfile"]["name"] != "") {
$type = myhtmlspecialchars($_FILES["keyfile"]["type"]);
$size = myhtmlspecialchars($_FILES["keyfile"]["size"]);
$name = myhtmlspecialchars($_FILES["keyfile"]["name"]);
$temp = myhtmlspecialchars($_FILES["keyfile"]["tmp_name"]);
if (!is_uploaded_file($temp)) {
IntrusionNotify("file upload problem.");
ForceLoad("../index.php");
}
if (($ar = file($temp)) === false) {
IntrusionNotify("Unable to open the uploaded file.");
ForceLoad("user.php");
}
$dd = 0;
foreach ($ar as $val => $key) {
$key = trim($key);
if ($key == '') {
unset($ar[$val]);
continue;
}
if (substr($key, 10, 5) != '#####') {
MSGError('Invalid key in the file -- not importing any keys');
$dd = 0;
break;
}
if (isset($param['unlockkey']) && $param['unlockkey'] != '') {
if ($size > $ct["contestmaxfilesize"] || strlen($name) > 100 || strlen($name) < 1) {
echo "\nRESULT: SUBMITTED FILE (OR NAME) TOO LARGE";
exit;
}
} else {
$type = myhtmlspecialchars($_FILES["sourcefile"]["type"]);
$size = myhtmlspecialchars($_FILES["sourcefile"]["size"]);
$name = myhtmlspecialchars($_FILES["sourcefile"]["name"]);
$temp = myhtmlspecialchars($_FILES["sourcefile"]["tmp_name"]);
if ($size > $ct["contestmaxfilesize"]) {
LOGLevel("User {$_SESSION["usertable"]["username"]} tried to submit file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1);
MSGError("File size exceeds the limit allowed.");
ForceLoad($runteam);
}
if (!is_uploaded_file($temp) || strlen($name) > 100) {
IntrusionNotify("file upload problem.");
ForceLoad("../index.php");
}
}
if (strpos($name, ' ') === true || strpos($temp, ' ') === true || strpos($name, '/') === true || strpos($temp, '/') === true || strpos($name, '`') === true || strpos($temp, '`') === true || strpos($name, '\'') === true || strpos($temp, '\'') === true || strpos($name, "\"") === true || strpos($temp, "\"") === true || strpos($name, '$') === true || strpos($temp, '$') === true) {
if (isset($_POST['name']) && $_POST['name'] != '') {
echo "\nRESULT: FILE NAME PROBLEM (EG CANNOT HAVE SPACES)";
exit;
}
MSGError("File name cannot contain spaces.");
ForceLoad($runteam);
}
$ac = array('contest', 'site', 'user', 'problem', 'lang', 'filename', 'filepath');
$ac1 = array('runnumber', 'rundate', 'rundatediff', 'rundatediffans', 'runanswer', 'runstatus', 'runjudge', 'runjudgesite', 'runjudge1', 'runjudgesite1', 'runanswer1', 'runjudge2', 'runjudgesite2', 'runanswer2', 'autoip', 'autobegindate', 'autoenddate', 'autoanswer', 'autostdout', 'autostderr', 'updatetime');
$param = array('contest' => $_SESSION["usertable"]["contestnumber"], 'site' => $_SESSION["usertable"]["usersitenumber"], 'user' => $_SESSION["usertable"]["usernumber"], 'problem' => $prob, 'lang' => $lang, 'filename' => $name, 'filepath' => $temp);
if (isset($_POST['pastcode']) && $_POST['pastcode'] != '') {
ob_start();
header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
if (isset($_SESSION["usertable"])) {
$_SESSION["usertable"] = DBUserInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"]);
} else {
IntrusionNotify("scoretable1");
ForceLoad("index.php");
}
if (!isset($_SESSION['usertable']['usertype']) || $_SESSION["usertable"]["usertype"] != "score" && $_SESSION["usertable"]["usertype"] != "site") {
IntrusionNotify("scoretable2");
ForceLoad("index.php");
}
}
if (!ValidSession()) {
InvalidSession("scoretable.php");
ForceLoad("index.php");
}
$loc = $_SESSION["loc"];
if (!isset($detail)) {
$detail = true;
}
if (!isset($final)) {
$final = false;
}
$scoredelay["admin"] = 3;
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once '../version.php';
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>System's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("system/index.php");
ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "system") {
IntrusionNotify("system/index.php");
ForceLoad("../index.php");
}
echo "</head><body><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . "<br>\n";
list($clockstr, $clocktype) = siteclock();
echo "</td><td bgcolor=\"#eeee00\" align=center nowrap> " . $clockstr . " </td></tr>\n";
echo "</table>\n";
echo "<table border=0 width=\"100%\" align=center>\n";
echo " <tr>\n";
echo " <td align=center><a class=menu style=\"font-weight:bold\" href=contest.php>Contest</a></td>\n";
echo " <td align=center><a class=menu style=\"font-weight:bold\" href=importxml.php>Import</a></td>\n";
<?php
$loc = $locr = "..";
require_once "{$locr}/globals.php";
require_once "{$locr}/db.php";
if (!ValidSession()) {
InvalidSession("webcast/index.php");
ForceLoad("{$loc}/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
IntrusionNotify("webcast/index.php");
ForceLoad("{$loc}/index.php");
}
$contest = $_SESSION["usertable"]["contestnumber"];
$site = $_SESSION["usertable"]["usersitenumber"];
if (($ct = DBSiteInfo($contest, $site)) == null) {
ForceLoad("../index.php");
}
if (isset($_GET['full']) && $_GET['full'] > 0) {
$freezeTime = $ct['siteduration'];
} else {
$freezeTime = $ct['sitelastmilescore'];
}
}
ForceLoad("task.php");
}
if (isset($_FILES["filename"]) && isset($_POST["Submit"]) && $_FILES["filename"]["name"] != "") {
if ($_POST["confirmation"] == "confirm") {
$type = myhtmlspecialchars($_FILES["filename"]["type"]);
$size = myhtmlspecialchars($_FILES["filename"]["size"]);
$name = myhtmlspecialchars($_FILES["filename"]["name"]);
$temp = myhtmlspecialchars($_FILES["filename"]["tmp_name"]);
if ($size > $ct["contestmaxfilesize"]) {
LOGLevel("User {$_SESSION["usertable"]["username"]} tried to print file " . "{$name} with {$size} bytes ({$ct["contestmaxfilesize"]} max allowed).", 1);
MSGError("File size exceeds the limit allowed.");
ForceLoad("task.php");
}
if (!is_uploaded_file($temp)) {
IntrusionNotify("Printing file upload problem");
ForceLoad("../index.php");
}
$param['contest'] = $_SESSION["usertable"]["contestnumber"];
$param['site'] = $_SESSION["usertable"]["usersitenumber"];
$param['user'] = $_SESSION["usertable"]["usernumber"];
$param['desc'] = "File to print";
$param['filename'] = $name;
$param['filepath'] = $temp;
DBNewTask($param);
}
ForceLoad("task.php");
}
?>
<br>
<table width="100%" border=1>
function DBLogInContest($name, $pass, $contest, $msg = true)
{
$b = DBGetRow("select * from contesttable where contestnumber={$contest}", 0, null, "DBLogIn(get active contest)");
if ($b == null) {
LOGLevel("There is no contest {$contest}.", 0);
if ($msg) {
MSGError("There is no contest {$contest}, contact an admin.");
}
return false;
}
$d = DBSiteInfo($b["contestnumber"], $b["contestlocalsite"], null, false);
if ($d == null) {
if ($msg) {
MSGError("There is no active site, contact an admin.");
}
return false;
}
$a = DBGetRow("select * from usertable where username='******' and contestnumber=" . $b["contestnumber"] . " and " . "usersitenumber=" . $b["contestlocalsite"], 0, null, "DBLogIn(get user)");
if ($a == null) {
if ($msg) {
LOGLevel("User {$name} tried to log in contest {$contest} but it does not exist.", 2);
MSGError("User does not exist or incorrect password.");
}
return false;
}
$a = DBUserInfo($b["contestnumber"], $b["contestlocalsite"], $a['usernumber'], null, false);
$_SESSION['usertable'] = $a;
$p = myhash($a["userpassword"] . session_id());
$_SESSION['usertable']['userpassword'] = $p;
if ($a["userpassword"] != "" && $p != $pass) {
LOGLevel("User {$name} tried to log in contest {$contest} but password was incorrect.", 2);
if ($msg) {
MSGError("Incorrect password.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($d["sitepermitlogins"] == "f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") {
LOGLevel("User {$name} tried to login contest {$contest} but logins are denied.", 2);
if ($msg) {
MSGError("Logins are not allowed.");
}
unset($_SESSION["usertable"]);
return false;
}
if ($a["userenabled"] != "t") {
LOGLevel("User {$name} tried to log in contest {$contest} but it is disabled.", 2);
if ($msg) {
MSGError("User disabled.");
}
unset($_SESSION["usertable"]);
return false;
}
$gip = getIP();
if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") {
LOGLevel("User {$name} is using two different IPs: " . $a["userip"] . "(" . dateconv($a["userlastlogin"]) . ") and " . $gip, 1);
if ($msg && $a["usertype"] != "admin") {
MSGError("You are using two distinct IPs. Admin notified.");
}
}
if ($a["userpermitip"] != "") {
$ips = explode(';', $a["userpermitip"]);
$gips = explode(';', $gip);
if (count($gips) < count($ips)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
for ($ipss = 0; $ipss < count($ips); $ipss++) {
$gipi = $gips[$ipss];
$ipi = $ips[$ipss];
if (!match_network($ipi, $gipi)) {
IntrusionNotify("Invalid IP: " . $gip);
ForceLoad("index.php");
}
}
}
$c = DBConnect();
$t = time();
if ($a["usertype"] == "team" && $a["usermultilogin"] != "t" && $a["userpermitip"] == "") {
$r = DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userpermitip='" . $gip . "'," . "userlastlogin={$t}, usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update session)");
} else {
DBExec($c, "begin work");
$sql = "update usertable set usersessionextra='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"] . " and (usersessionextra='' or userip != '" . $gip . "' or userlastlogin<=" . ($t - 86400) . ")";
DBExec($c, $sql);
DBExec($c, "update usertable set userip='" . $gip . "', updatetime=" . time() . ", userlastlogin={$t}, " . "usersession='" . session_id() . "' where username='******' and contestnumber=" . $b["contestnumber"] . " and usersitenumber=" . $b["contestlocalsite"], "DBLogIn(update user)");
if ($name == 'admin') {
list($clockstr, $clocktime) = siteclock();
if ($clocktime < -600) {
DBExec($c, "update contesttable set contestunlockkey='' where contestnumber=" . $b["contestnumber"], "DBLogInContest(update contest)");
}
}
DBExec($c, "commit work");
}
LOGLevel("User {$name} authenticated (" . $gip . ")", 2);
return $a;
}
require_once "../globals.php";
require_once "../db.php";
$runteam = 'team.php';
$runphp = "runchief.php";
$runeditphp = "runeditchief.php";
echo "<html><head><title>Judge's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//temporario!!!!
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("judge/index.php");
ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "judge") {
IntrusionNotify("judge/index.php");
ForceLoad("../index.php");
}
if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) {
ForceLoad("../index.php");
}
if ($s["sitechiefname"] == $_SESSION["usertable"]["username"]) {
$cc = "338833";
} else {
$cc = "77cc77";
}
echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n";
echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#{$cc}\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
}
if (!isset($_GET["oid"]) || !is_numeric($_GET["oid"]) || !isset($_GET["filename"]) || !isset($_GET["check"]) || $_GET["check"] == "") {
echo "<html><head><title>Download Page</title>";
IntrusionNotify("Bad parameters in filedownload.php");
ForceLoad("index.php");
}
$cf = globalconf();
$fname = decryptData(rawurldecode($_GET["filename"]), session_id() . $cf["key"]);
if (isset($_GET["msg"])) {
$p = myhash($_GET["oid"] . $fname . rawurldecode($_GET["msg"]) . session_id() . $cf["key"]);
} else {
$p = myhash($_GET["oid"] . $fname . session_id() . $cf["key"]);
}
if ($p != $_GET["check"]) {
echo "<html><head><title>View Page</title>";
IntrusionNotify("Parameters modified in filedownload.php. ");
ForceLoad("index.php");
}
require_once "db.php";
if ($_GET["oid"] >= 0) {
$c = DBConnect();
DBExec($c, "begin work");
if (($lo = DB_lo_open($c, $_GET["oid"], "r")) === false) {
echo "<html><head><title>Download Page</title>";
DBExec($c, "rollback work");
LOGError("Unable to download file (" . basename($fname) . ")");
MSGError("Unable to download file (" . basename($fname) . ")");
ForceLoad("index.php");
}
header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
exit;
}
if (!isset($getx['check'])) {
ob_end_flush();
echo "<!-- <ERROR2> " . session_id() . " " . session_id() . " -->\n";
exit;
}
} else {
ob_end_flush();
LogLevel("Init connection by IP " . getIP(), 2);
echo "<!-- <SESSION1> " . session_id() . " " . session_id() . " -->\n";
exit;
}
}
if (!ValidSession()) {
ob_end_flush();
InvalidSession("site/index.php");
ForceLoad("../index.php");
exit;
}
if (isset($getx['check']) && isset($getx["password"]) && $getx['check'] != myhash($getx["password"] . $_SESSION['usertable']['userpassword'])) {
ob_end_flush();
echo "<!-- <SESSION2> " . session_id() . " " . $_SESSION['usertable']['usersessionextra'] . " -->\n";
exit;
}
if ($_SESSION["usertable"]["usertype"] != "site") {
ob_end_flush();
IntrusionNotify("site/index.php");
ForceLoad("../index.php");
exit;
}
$runeditphp = "runedit.php";
require_once "{$locr}/globals.php";
require_once "{$locr}/db.php";
if (!isset($_POST['noflush'])) {
require_once "{$locr}/version.php";
echo "<html><head><title>Admin's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"{$loc}/Css2.php\" type=\"text/css\">\n";
}
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("admin/index.php");
ForceLoad("{$loc}/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
IntrusionNotify("admin/index.php");
ForceLoad("{$loc}/index.php");
}
if (!isset($_POST['noflush'])) {
echo "</head><body><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"eeee00\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#eeee00\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
list($clockstr, $clocktype) = siteclock();
echo "</td><td bgcolor=\"#eeee00\" align=center nowrap> " . $clockstr . " </td></tr>\n";
echo "</table>\n";
echo "<table border=0 width=\"100%\" align=center>\n";
echo " <tr>\n";
echo " <td align=center><a class=menu style=\"font-weight:bold\" href=run.php>Runs</a></td>\n";
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once '../version.php';
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>Score Board Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("score/index.php");
ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "score") {
IntrusionNotify("score/index.php");
ForceLoad("../index.php");
}
echo "</head><body><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#cc9966\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#cc9966\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
//list($clockstr,$clocktype)=siteclock(); // THIS IS SLOW, WE NEED A BETTER OPTION
$clockstr = '';
echo "</td><td bgcolor=\"#cc9966\" align=center nowrap> " . $clockstr . " </td></tr>\n";
echo "</table>\n";
if (!isset($_SESSION["scorenomenu"]) || !$_SESSION["scorenomenu"]) {
echo "<table border=0 width=\"100%\" align=center>\n";
echo " <tr>\n";
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
//$locr = $_SESSION['locr'];
//$loc = $_SESSION['loc'];
$loc = $locr = "../..";
require_once $locr . "/globals.php";
if (!ValidSession()) {
InvalidSession($_SERVER['PHP_SELF']);
ForceLoad($loc . "/index.php");
}
if ($_SESSION["usertable"]["usertype"] != "admin") {
IntrusionNotify($_SERVER['PHP_SELF']);
ForceLoad($loc . "/index.php");
}
require_once $locr . "/db.php";
require_once $locr . "/freport.php";
echo "<html><head><title>Report Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"{$loc}/Css.php\" type=\"text/css\">\n";
$contest = $_SESSION["usertable"]["contestnumber"];
if (($ct = DBContestInfo($contest)) == null) {
ForceLoad($loc . "/index.php");
}
$site = $_SESSION["usertable"]["usersitenumber"];
if (($st = DBSiteInfo($contest, $site)) == null) {
ForceLoad($loc . "/index.php");
}
}
if (isset($_POST["answer"]) && isset($_POST["Submit"]) && $_POST["Submit"] == "Judge" && is_numeric($_POST["answer"]) && isset($_POST["sitenumber"]) && isset($_POST["number"]) && is_numeric($_POST["sitenumber"]) && is_numeric($_POST["number"])) {
// && isset($_POST["notifyuser"]) && isset($_POST["updatescore"])) {
if ($_POST["confirmation"] == "confirm") {
$answer = myhtmlspecialchars($_POST["answer"]);
$sitenumber = myhtmlspecialchars($_POST["sitenumber"]);
$number = myhtmlspecialchars($_POST["number"]);
// $notuser = myhtmlspecialchars($_POST["notifyuser"]);
// $updscore = myhtmlspecialchars($_POST["updatescore"]);
DBUpdateRun($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $answer);
//, $notuser, $updscore);
}
ForceLoad("run.php");
}
if (!isset($_GET["runnumber"]) || !isset($_GET["runsitenumber"]) || !is_numeric($_GET["runnumber"]) || !is_numeric($_GET["runsitenumber"])) {
IntrusionNotify("tried to open the judge/runedit.php with wrong parameters.");
ForceLoad("run.php");
}
$runsitenumber = myhtmlspecialchars($_GET["runsitenumber"]);
$runnumber = myhtmlspecialchars($_GET["runnumber"]);
if (($a = DBGetRunToAnswer($runnumber, $runsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) {
MSGError("Another judge got it first.");
ForceLoad("run.php");
}
$b = DBGetProblemData($_SESSION["usertable"]["contestnumber"], $a["problemnumber"]);
?>
<br><br><center><b>Use the following fields to judge the run:
</b></center>
<form name="form1" method="post" action="runedit.php">
<input type=hidden name="confirmation" value="noconfirm" />
<center>
header("Pragma: no-cache");
header("Content-Type: text/html; charset=utf-8");
session_start();
ob_end_flush();
require_once "../globals.php";
require_once "../db.php";
echo "<html><head><title>Staff's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("staff/index.php");
ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "staff" && $_SESSION["usertable"]["usertype"] != "admin") {
IntrusionNotify("staff/index.php");
ForceLoad("../index.php");
}
echo "<script language=\"javascript\" src=\"../reload.js\"></script>\n";
echo "</head><body onload=\"Comecar()\" onunload=\"Parar()\"><table border=1 width=\"100%\">\n";
echo "<tr><td nowrap bgcolor=\"#ffa020\" align=center>";
echo "<img src=\"../images/smallballoontransp.png\" alt=\"\">";
echo "<font color=\"#000000\">BOCA</font>";
echo "</td><td bgcolor=\"#ffa020\" width=\"99%\">\n";
echo "Username: "******"usertable"]["userfullname"] . " (site=" . $_SESSION["usertable"]["usersitenumber"] . ")<br>\n";
list($clockstr, $clocktype) = siteclock();
echo "</td><td bgcolor=\"#ffa020\" align=center nowrap> " . $clockstr . " </td></tr>\n";
echo "</table>\n";
if (($s = DBSiteInfo($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"])) == null) {
ForceLoad("../index.php");
}
echo "<html><head><title>Team's Page</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">\n";
echo "<link rel=stylesheet href=\"../Css.php\" type=\"text/css\">\n";
?>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="/assets/bootstrap/css/bootstrap.min.css">
<!-- Latest compiled and minified JavaScript -->
<script src="/assets/bootstrap/js/bootstrap.min.js"></script>
<?php
//echo "<meta http-equiv=\"refresh\" content=\"60\" />";
if (!ValidSession()) {
InvalidSession("team/index.php");
ForceLoad("../index.php");
}
if ($_SESSION["usertable"]["usertype"] != "team") {
IntrusionNotify("team/index.php");
ForceLoad("../index.php");
}
?>
<div class="container">
<!-- <nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" href="/team/index.php">
<span><img alt="BOCA" src="../images/smallballoontransp.png"> Boca</span>
</a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-4">
<p class="navbar-text navbar-right">
$type = 'site';
} else {
$type = 'none';
}
}
if (trim($ans) == "") {
DBClarGiveUp($number, $sitenumber, $_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usernumber"], $_SESSION["usertable"]["usersitenumber"]);
MSGError("Clarification returned.");
} else {
DBChiefUpdateClar($_SESSION["usertable"]["contestnumber"], $_SESSION["usertable"]["usersitenumber"], $_SESSION["usertable"]["usernumber"], $sitenumber, $number, $ans, $type);
}
}
ForceLoad("clar.php");
}
if (!isset($_GET["clarnumber"]) || !isset($_GET["clarsitenumber"]) || !is_numeric($_GET["clarnumber"]) || !is_numeric($_GET["clarsitenumber"])) {
IntrusionNotify("tried to open the admin/claredit.php with wrong parameters.");
ForceLoad("clar.php");
}
$clarsitenumber = myhtmlspecialchars($_GET["clarsitenumber"]);
$clarnumber = myhtmlspecialchars($_GET["clarnumber"]);
if (($a = DBChiefGetClarToAnswer($clarnumber, $clarsitenumber, $_SESSION["usertable"]["contestnumber"])) === false) {
MSGError("Another judge got it first.");
ForceLoad("clar.php");
}
?>
<br><br><center><b>Use the following fields to answer the clarification:
</b></center>
<form name="form1" method="post" action="claredit.php">
<input type=hidden name="confirmation" value="noconfirm" />
<center>
<table border="0">
