Example #1
0
 public function updateJudgeInfo()
 {
     $reqResult = new Result();
     $judgeid = I('post.judgeid', 0, 'intval');
     $field = array('creator', 'isprivate');
     $tmp = JudgeBaseModel::instance()->getById($judgeid, $field);
     if (empty($tmp) || !checkAdmin(4, $tmp['creator'])) {
         $reqResult->setStatus(false);
         $reqResult->setMessage("您没有权限进行此操作!");
     } else {
         if ($tmp['isprivate'] == PrivilegeBaseModel::PROBLEM_SYSTEM && !checkAdmin(1)) {
             $reqResult->setStatus(false);
             $reqResult->setMessage("您没有权限进行此操作!");
         } else {
             $arr = JudgeConvert::convertJudgeFromPost();
             $result = JudgeBaseModel::instance()->updateById($judgeid, $arr);
             if ($result !== false) {
                 $pointIds = I('post.point', array());
                 KeyPointService::instance()->saveExamPoint($pointIds, $judgeid, JudgeBaseModel::JUDGE_PROBLEM_TYPE);
                 $reqResult->setMessage("判断题修改成功!");
                 $reqResult->setData("judge");
             } else {
                 $reqResult->setStatus(false);
                 $reqResult->setMessage("判断题修改失败!");
             }
         }
     }
     return $reqResult;
 }
 public function upd_question()
 {
     $fillid = intval($_POST['fillid']);
     $tmp = M("ex_fill")->field('creator,isprivate')->where('fill_id=%d', $fillid)->find();
     if (!$tmp || !checkAdmin(4, $tmp['creator'])) {
         return -1;
     } else {
         if ($tmp['isprivate'] == 2 && !checkAdmin(1)) {
             return -1;
         } else {
             $arr['question'] = test_input($_POST['fill_des']);
             $arr['point'] = test_input($_POST['point']);
             $arr['easycount'] = intval($_POST['easycount']);
             $arr['answernum'] = intval($_POST['numanswer']);
             $arr['kind'] = intval($_POST['kind']);
             $arr['isprivate'] = intval($_POST['isprivate']);
             $result = M('ex_fill')->where('fill_id=%d', $fillid)->data($arr)->save();
             if ($result !== false) {
                 $sql = "DELETE FROM `fill_answer` WHERE `fill_id`={$fillid}";
                 M()->execute($sql);
                 $ins = array();
                 for ($i = 1; $i <= $arr['answernum']; $i++) {
                     $answer = test_input($_POST["answer{$i}"]);
                     $ins[] = array("fill_id" => "{$fillid}", "answer_id" => "{$i}", "answer" => "{$answer}");
                 }
                 if ($arr['answernum']) {
                     M('fill_answer')->addAll($ins);
                 }
                 return 1;
             } else {
                 return -2;
             }
         }
     }
 }
Example #3
0
function problemshow($problem, $searchsql)
{
    if ($problem < 0 || $problem > 2) {
        $problem = 0;
    }
    if (!checkAdmin(1) && $problem == 2) {
        $problem = 0;
    }
    $creator = I('get.creator', '', 'htmlspecialchars');
    $creatorSql = "1=1";
    if (!empty($creator)) {
        $creatorSql = "creator = '{$creator}'";
    }
    if ($searchsql == "") {
        if ($problem == 0 || checkAdmin(1)) {
            $prosql = "`isprivate`='{$problem}' AND {$creatorSql}";
        } else {
            $user = $_SESSION['user_id'];
            $prosql = "`isprivate`='{$problem}' AND `creator` like '{$user}'";
        }
    } else {
        if ($problem == 0 || checkAdmin(1)) {
            $prosql = " AND `isprivate`='{$problem}' AND {$creatorSql}";
        } else {
            $user = $_SESSION['user_id'];
            $prosql = " AND `isprivate`='{$problem}' AND `creator` like '{$user}'";
        }
    }
    return $prosql;
}
Example #4
0
 /**
  * 判断用户是否有权限参加此考试,判断包括:
  * 1.是否在权限列表 0
  * 2.考试是否存在或可见 -1
  * 3.如果是vip考试,是否在不同机器上登陆过  -2
  * 4.可选。是否已经交卷 -3
  * @param  number $eid 比赛编号
  * @param  string $user_id 用户ID]
  * @param  boolean $havetaken 是否判断已经参加考试过
  * @return number|array        返回数字表示没有权限,否则有
  */
 public function checkExamPrivilege($eid, $user_id, $havetaken = false)
 {
     $hasPrivilege = $this->getPrivilege($user_id, $eid);
     if (!(checkAdmin(2) || $hasPrivilege)) {
         return 0;
     }
     $field = array('title', 'start_time', 'end_time', 'isvip', 'visible');
     $row = ExamBaseModel::instance()->getExamInfoById($eid, $field);
     if (empty($row)) {
         return -1;
     }
     if (C('OJ_VIP_CONTEST')) {
         if ($row['isvip'] == 'Y') {
             $today = date('Y-m-d');
             $ip1 = $_SERVER['REMOTE_ADDR'];
             $sql = "SELECT `user_id` FROM `loginlog` WHERE `user_id`='{$user_id}' AND `time`>='{$today}' AND ip<>'{$ip1}' AND\n\t\t\t\t `user_id` NOT IN( SELECT `user_id` FROM `privilege` WHERE `rightstr`='administrator' or `rightstr`='contest_creator') ORDER BY `time` DESC limit 0,1";
             $tmprow = M()->query($sql);
             if ($tmprow) {
                 return -2;
             }
         }
     }
     if ($havetaken) {
         $where = array('user_id' => $user_id, 'exam_id' => $eid);
         $field = array('score');
         $score = StudentBaseModel::instance()->queryOne($where, $field);
         if (!is_null($score['score']) && $score['score'] >= 0) {
             return -3;
         }
     }
     return $row;
 }
 public function upd_question()
 {
     $chooseid = intval($_POST['chooseid']);
     $tmp = M("ex_choose")->field('creator,isprivate')->where('choose_id=%d', $chooseid)->find();
     if (!$tmp || !checkAdmin(4, $tmp['creator'])) {
         return -1;
     } else {
         if ($tmp['isprivate'] == 2 && !checkAdmin(1)) {
             return -1;
         } else {
             $arr['question'] = test_input($_POST['choose_des']);
             $arr['ams'] = test_input($_POST['ams']);
             $arr['bms'] = test_input($_POST['bms']);
             $arr['cms'] = test_input($_POST['cms']);
             $arr['dms'] = test_input($_POST['dms']);
             $arr['point'] = test_input($_POST['point']);
             $arr['answer'] = $_POST['answer'];
             $arr['easycount'] = intval($_POST['easycount']);
             $arr['isprivate'] = intval($_POST['isprivate']);
             $result = M('ex_choose')->where('choose_id=%d', $chooseid)->data($arr)->save();
             if ($result !== false) {
                 return 1;
             } else {
                 return -2;
             }
         }
     }
 }
Example #6
0
function checkTeam($tid)
{
    if (isset($_SESSION["tid"]) && $_SESSION["tid"] == $tid) {
        return true;
    }
    return checkAdmin();
}
 public function dorejudge()
 {
     if (IS_POST && I('post.eid')) {
         if (!check_post_key() || !checkAdmin(1)) {
             $this->error('发生错误!');
         }
         $eid = intval($_POST['eid']);
         if (I('post.rjall')) {
             $prirow = M('exam')->field('start_time,end_time')->where('exam_id=%d', $eid)->find();
             $start_timeC = strftime("%Y-%m-%d %X", strtotime($prirow['start_time']));
             $end_timeC = strftime("%Y-%m-%d %X", strtotime($prirow['end_time']));
             $userlist = M('ex_student')->field('user_id')->where('exam_id=%d', $eid)->select();
             if ($userlist) {
                 foreach ($userlist as $value) {
                     $this->rejudgepaper($value['user_id'], $eid, $start_timeC, $end_timeC, 1);
                 }
                 unset($userlist);
             }
             $this->success('全部重判成功!', U('Teacher/Exam/userscore', array('eid' => $eid)), 2);
         } else {
             if (I('post.rjone')) {
                 $rjuserid = test_input($_POST['rjuserid']);
                 $flag = $this->dojudgeone($eid, $rjuserid);
                 if ($flag) {
                     $this->success('重判成功!', U('Teacher/Exam/userscore', array('eid' => $eid)), 2);
                 }
             } else {
                 $this->error('Invaild Path');
             }
         }
     } else {
         $this->error('Wrong Method');
     }
 }
Example #8
0
 public function updateChooseInfo()
 {
     $reqResult = new Result();
     $chooseid = I('post.chooseid', 0, 'intval');
     $field = array('creator', 'isprivate');
     $_chooseInfo = ChooseBaseModel::instance()->getById($chooseid, $field);
     if (empty($_chooseInfo) || !checkAdmin(4, $_chooseInfo['creator'])) {
         $reqResult->setStatus(false);
         $reqResult->setMessage("您没有权限进行此操作!");
     } else {
         if ($_chooseInfo['isprivate'] == PrivilegeBaseModel::PROBLEM_SYSTEM && !checkAdmin(1)) {
             $reqResult->setStatus(false);
             $reqResult->setMessage("您没有权限进行此操作!");
         } else {
             $arr = ChooseConvert::convertChooseFromPost();
             $result = ChooseBaseModel::instance()->updateById($chooseid, $arr);
             if ($result !== false) {
                 $pointIds = I('post.point', array());
                 KeyPointService::instance()->saveExamPoint($pointIds, $chooseid, ChooseBaseModel::CHOOSE_PROBLEM_TYPE);
                 $reqResult->setMessage("选择题修改成功!");
                 $reqResult->setData("choose");
             } else {
                 $reqResult->setStatus(false);
                 $reqResult->setMessage("选择题修改失败!");
             }
         }
     }
     return $reqResult;
 }
Example #9
0
function problemshow($problem, $searchsql)
{
    if ($problem < 0 || $problem > 2) {
        $problem = 0;
    }
    if (!checkAdmin(1) && $problem == 2) {
        $problem = 0;
    }
    if ($searchsql == "") {
        if ($problem == 0 || checkAdmin(1)) {
            $prosql = "`isprivate`='{$problem}'";
        } else {
            $user = $_SESSION['user_id'];
            $prosql = "`isprivate`='{$problem}' AND `creator` like '{$user}'";
        }
    } else {
        if ($problem == 0 || checkAdmin(1)) {
            $prosql = " AND `isprivate`='{$problem}'";
        } else {
            $user = $_SESSION['user_id'];
            $prosql = " AND `isprivate`='{$problem}' AND `creator` like '{$user}'";
        }
    }
    return $prosql;
}
Example #10
0
function adminAccess($mysqli, $userId)
{
    if (checkAdmin($mysqli, $userId) === false) {
        header("Location: ../../404.php");
        exit;
    }
}
 public function upd_exam()
 {
     $eid = intval($_POST['examid']);
     $tmp = M("exam")->field('creator')->where('exam_id=%d', $eid)->find();
     if (!$tmp || !checkAdmin(4, $tmp['creator'])) {
         return -1;
     } else {
         $arr['start_time'] = intval($_POST['syear']) . "-" . intval($_POST['smonth']) . "-" . intval($_POST['sday']) . " " . intval($_POST['shour']) . ":" . intval($_POST['sminute']) . ":00";
         $arr['end_time'] = intval($_POST['eyear']) . "-" . intval($_POST['emonth']) . "-" . intval($_POST['eday']) . " " . intval($_POST['ehour']) . ":" . intval($_POST['eminute']) . ":00";
         $title = $_POST['examname'];
         if (get_magic_quotes_gpc()) {
             $title = stripslashes($title);
         }
         $arr['title'] = $title;
         $arr['choosescore'] = I('post.xzfs', 0, 'intval');
         $arr['judgescore'] = I('post.pdfs', 0, 'intval');
         $arr['fillscore'] = I('post.tkfs', 0, 'intval');
         $arr['prgans'] = I('post.yxjgfs', 0, 'intval');
         $arr['prgfill'] = I('post.cxtkfs', 0, 'intval');
         $arr['programscore'] = I('post.cxfs', 0, 'intval');
         $arr['isvip'] = I('post.isvip', 'Y');
         $result = M('exam')->where('exam_id=%d', $eid)->data($arr)->save();
         if ($result !== false) {
             return 1;
         } else {
             return -2;
         }
     }
 }
Example #12
0
 /**
  * 判断用户是否有权限参加此考试,判断包括:
  * 1.是否在权限列表
  * 2.考试是否存在或可见
  * 3.如果是vip考试,是否在不同机器上登陆过
  * 4.可选。是否已经交卷
  * @param  number $eid 比赛编号
  * @param  string $user_id 用户ID]
  * @param  boolean $havetaken 是否判断已经参加考试过
  * @return number|array        返回数字表示没有权限,否则有
  */
 public function chkexamprivilege($eid, $user_id, $havetaken = false)
 {
     $num = $this->chkprivilege($user_id, $eid);
     if (!(checkAdmin(2) || $num)) {
         return 0;
     }
     $row = M('exam')->field('title,start_time,end_time,isvip,visible')->where('exam_id=%d', $eid)->find();
     if (!$row || $row['visible'] == 'N') {
         return -1;
     }
     if (C('OJ_VIP_CONTEST')) {
         if ($row['isvip'] == 'Y') {
             $today = date('Y-m-d');
             $ip1 = $_SERVER['REMOTE_ADDR'];
             $sql = "SELECT `user_id` FROM `loginlog` WHERE `user_id`='{$user_id}' AND `time`>='{$today}' AND ip<>'{$ip1}' AND\n\t\t\t\t `user_id` NOT IN( SELECT `user_id` FROM `privilege` WHERE `rightstr`='administrator' or `rightstr`='contest_creator') ORDER BY `time` DESC limit 0,1";
             $tmprow = M()->query($sql);
             if ($tmprow) {
                 return -2;
             }
         }
     }
     if ($havetaken) {
         $num = M('ex_student')->where("user_id='%s' and exam_id=%d", $user_id, $eid)->count();
         if ($num) {
             return -3;
         }
     }
     return $row;
 }
Example #13
0
 public function upd_exam()
 {
     $eid = intval($_POST['examid']);
     $tmp = ExamModel::instance()->getExamInfoById($eid, array('creator'));
     if (!$tmp || !checkAdmin(4, $tmp['creator'])) {
         return -1;
     } else {
         $arr['start_time'] = intval($_POST['syear']) . "-" . intval($_POST['smonth']) . "-" . intval($_POST['sday']) . " " . intval($_POST['shour']) . ":" . intval($_POST['sminute']) . ":00";
         $arr['end_time'] = intval($_POST['eyear']) . "-" . intval($_POST['emonth']) . "-" . intval($_POST['eday']) . " " . intval($_POST['ehour']) . ":" . intval($_POST['eminute']) . ":00";
         $title = I('post.examname', '');
         if (get_magic_quotes_gpc()) {
             $title = stripslashes($title);
         }
         $arr['title'] = $title;
         $arr['choosescore'] = I('post.xzfs', 0, 'intval');
         $arr['judgescore'] = I('post.pdfs', 0, 'intval');
         $arr['fillscore'] = I('post.tkfs', 0, 'intval');
         $arr['prgans'] = I('post.yxjgfs', 0, 'intval');
         $arr['prgfill'] = I('post.cxtkfs', 0, 'intval');
         $arr['programscore'] = I('post.cxfs', 0, 'intval');
         $arr['isvip'] = I('post.isvip', 'Y');
         $result = ExamModel::instance()->updateExamInfoById($eid, $arr);
         if ($result !== false) {
             return 1;
         } else {
             return -2;
         }
     }
 }
Example #14
0
function needAdmin($DBlink)
{
    if (!checkAdmin($DBlink, $_SESSION['loginID'])) {
        alert('Permission deny');
        locate($URLPv . "index.php");
        return;
    }
}
Example #15
0
 function _initialize()
 {
     $userId = Session::get(C('USER_AUTH_KEY'));
     if (!checkAdmin('quan', $userId)) {
         echo "you are not a manager !";
     }
     parent::_initialize();
 }
 public function point()
 {
     if (!checkAdmin(1)) {
         $this->error('Sorry,Only admin can do');
     }
     $pnt = M('ex_point')->order('point_pos')->select();
     $this->assign('pnt', $pnt);
     $this->auto_display();
 }
 protected function candel($pvt, $crt)
 {
     if (!checkAdmin(4, $crt)) {
         return false;
     } else {
         if ($pvt == 2 && !checkAdmin(1)) {
             return false;
         }
     }
     return true;
 }
Example #18
0
 function __index()
 {
     // 		debug($this->paginate);
     // 		$conditions = ''
     // 		debug($this->Auth);
     // 		$id_company = $_SESSION['Auth']['User']['group_id'];
     // 		$cvecia = '004';
     // 		$cveare = '007';
     // // 		$cvepue = '000005';
     // 		$cvepue = '000011';
     // 		$cvetra = '4000015';
     // 		$payroll = $this->Payroll->find('all');
     //
     // 		var_dump($this->Payroll->getPayrollByCompany($cvecia,$cveare,$cvepue,$cvetra));
     // 		App::import('Core', 'HttpSocket');
     // 		$HttpSocket = new HttpSocket();
     // 		$results = $HttpSocket->get('https://www.google.com.mx/search', 'q=php');
     // 		$results = $HttpSocket->get('http://localhost:14921/@exercise/intro-hello-webgl/');
     // 		pr('print_r');
     // 		var_dump(Configure::read());
     //returns html for Google's search results for the query "cakephp"
     // 		e(utf8_encode($results));
     // 		e($results);
     // Example response array
     // Responses will include varying header and cookie fields
     // 		debug($HttpSocket->response);
     // 		e($HttpSocket->response['body']);
     // 		var_dump($_SESSION['Auth']['User']['group_id']);
     $group_id = (int) $_SESSION['Auth']['User']['group_id'];
     if ($group_id != 1 and $group_id != 5 and $group_id != 3 and $group_id != 7) {
         $conditions['Policy.group_id'] = $group_id;
     }
     // 		if come from view ?
     if (!empty($this->params['named']['type'])) {
         $conditions['Policy.policies_type'] = $this->params['named']['type'];
     }
     if (checkAdmin($_SESSION['Auth']['User']['group_id']) !== TRUE) {
         $conditions['Policy.status'] = 'Active';
     }
     // set the var conditions for all policies
     if (empty($conditions) or !isset($conditions)) {
         // 			$conditions = null;
         $this->Prg->commonProcess();
         $conditions = $this->Policy->parseCriteria($this->passedArgs);
     }
     $this->paginate = array('conditions' => $conditions, 'limit' => 10);
     $this->LoadModel('PoliciesType');
     $policies_type = $this->PoliciesType->find('list');
     $this->set(compact('policies_type'));
     $this->Policy->recursive = 0;
     $this->set('policies', $this->paginate());
 }
Example #19
0
function login()
{
    if (checkUserNameExist($_POST["usernameLogin"], $_POST["passwordLogin"])) {
        checkAdmin($_POST["usernameLogin"]);
        $_SESSION["name"] = $_POST["usernameLogin"];
        $_SESSION["password"] = $_POST["passwordLogin"];
        $_SESSION["login"] = true;
        $version = "private";
        return $version;
    } else {
        errorAlert("The password is incurrect or the user name does not exist!");
    }
}
Example #20
0
 function filterTitle($data, $field = null)
 {
     // 		debug($this->alias);
     if (empty($data['name'])) {
         return array();
     }
     if (checkAdmin($_SESSION['Auth']['User']['group_id']) !== TRUE) {
         $status = array($this->alias . '.status' => 'Active');
     } else {
         $status = array($this->alias . '.status' => array('Active', 'Inactive'));
     }
     // 		debug($status);
     $search = '%' . $data['name'] . '%';
     return array('AND' => array($status), 'OR' => array($this->alias . '.name LIKE' => $search, $this->alias . '.description LIKE' => $search));
 }
Example #21
0
function AdminUI()
{
    if (checkAdmin() == true) {
        ?>
<b>FAQ Admin</b>
<br>
<form method="post" action="?faqadmin=true">
Q:<input type="text" name="QSub" style="width: 500px"><br>
A:<textarea name="ASub" style="width: 500px; height: 150px"></textarea><br>
<input type="submit" value="Add">
</form>
</div>
<?php 
    } else {
        echo "You are not authorized";
    }
}
Example #22
0
 public function exam()
 {
     $tmp = ExamModel::instance()->getExamInfoById($this->id, array('creator'));
     if (!checkAdmin(4, $tmp['creator'])) {
         $this->error('You have no privilege!');
     } else {
         $data['visible'] = 'N';
         ExamModel::instance()->updateExamInfoById($this->id, $data);
         $this->success("考试删除成功", U("Teacher/Index/index", array('page' => $this->page)), 2);
         //if the exam was deleted
         //the info of exam was deleted
         // $query="DELETE FROM `exp_question` WHERE `exam_id`='$id'";
         // $query="DELETE FROM `ex_privilege` WHERE `rightstr`='e$id'";
         // $query="DELETE FROM `ex_stuanswer` WHERE `exam_id`='$id'";
         // $query="DELETE FROM `ex_student` WHERE `exam_id`='$id'";
     }
 }
 public function exam()
 {
     $tmp = M('exam')->field('creator')->where('exam_id=%d', $this->id)->find();
     if (!checkAdmin(4, $tmp['creator'])) {
         $this->error('You have no privilege!');
     } else {
         $data['visible'] = 'N';
         M('exam')->data($data)->where('exam_id=%d', $this->id)->save();
         $this->success("考试删除成功", U("Teacher/Index/index", array('page' => $this->page)), 2);
         //if the exam was deleted
         //the info of exam was deleted
         // $query="DELETE FROM `exp_question` WHERE `exam_id`='$id'";
         // $query="DELETE FROM `ex_privilege` WHERE `rightstr`='e$id'";
         // $query="DELETE FROM `ex_stuanswer` WHERE `exam_id`='$id'";
         // $query="DELETE FROM `ex_student` WHERE `exam_id`='$id'";
     }
 }
 function index()
 {
     // 		debug(func_get_args());
     // 		debug($this->params['pass']);
     // 		debug($this->passedArgs);
     $this->FieldData->recursive = 0;
     $this->LoadModel('Company');
     $company = $this->Company->find('list', array('fields' => array('nom_id', 'name')));
     $company['0'] = ' ';
     $this->set(compact('company'));
     $this->set('htmlMotor', htmlMotor());
     /** NOTE <build the process for group access conditions for the special group root > */
     (int) ($group_id = $_SESSION['Auth']['User']['group_id']);
     if (!checkAdmin($group_id)) {
         $user_id = $_SESSION['Auth']['User']['id'];
         $this->paginate = array('conditions' => array('User.id' => $user_id));
     }
     $userFieldDatas = $this->paginate('User');
     foreach ($userFieldDatas as $indexFieldDatas => $fieldDatasContent) {
         $fieldDataUser[] = $fieldDatasContent['User'];
         foreach ($fieldDatasContent['FieldDatas'] as $indexFieldDatasContent => $contentFieldDatasContent) {
             $conditionsFieldData['FieldData.id'][] = $contentFieldDatasContent['id'];
             $dataUserFieldData[$fieldDatasContent['User']['id']][] = $contentFieldDatasContent['id'];
         }
     }
     $fieldData = $this->FieldData->find('all', array('conditions' => $conditionsFieldData));
     /** NOTE <set the index array as field.id>*/
     $resultFieldData = Set::combine($fieldData, '{n}.FieldData.id', '{n}');
     // 		debug($resultFieldData);
     /** NOTE <set the var for the encrypted filemanager>*/
     $file_dir = WWW_ROOT . 'files' . DS . 'users' . DS;
     $data = array('1' => 'value', '2' => Configure::read('Security.salt'), '3' => $this->Session->id(), 'dir_path' => base64_encode($file_dir), '_ip' => $this->Auth->user('last_ip'));
     $Hash = GeraHash(30);
     $decrypt = base64_encode(serialize($data));
     $password = '@' . substr($Hash, 3, 12) . '#';
     $salt = Configure::read('Security.salt');
     $encrypt_encode = base64_encode(dEncrypt($decrypt, $password, $salt, 'encrypt'));
     $app = 'filemanager';
     $path = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['HTTP_HOST']}/{$app}/filemanager.php?{$Hash}={$encrypt_encode}";
     $this->set(compact('resultFieldData', 'fieldDataUser', 'dataUserFieldData', 'data', 'Hash', 'decrypt', 'password', 'salt', 'encrypt_encode', 'app', 'path'));
     $this->set('fieldConfig', $this->fieldConfig());
 }
Example #25
0
 public function updateExamInfo()
 {
     $reqResult = new Result();
     $examId = intval($_POST['examid']);
     $_examInfo = ExamBaseModel::instance()->getExamInfoById($examId, array('creator'));
     if (empty($_examInfo) || !checkAdmin(4, $_examInfo['creator'])) {
         $reqResult->setStatus(false);
         $reqResult->setMessage("You have no privilege to modify it!");
         return $reqResult;
     }
     $data = ExamConvert::convertExamDataFromPost();
     $res = ExamBaseModel::instance()->updateById($examId, $data);
     if ($res !== false) {
         $reqResult->setMessage("考试修改成功!");
         $reqResult->setData("index");
     } else {
         $reqResult->setStatus(false);
         $reqResult->setMessage("考试修改失败!");
     }
     return $reqResult;
 }
Example #26
0
function getUserId($email, $password)
{
    $email = fixEmail($email);
    $password = trim($password);
    if (checkAdmin($email, $password) === true) {
        $_SESSION["admin"] = $email;
        header("Location: admin/");
        exit;
    }
    $u = getFullUser($email, $password);
    # full user information
    if ($u === null) {
        # wrong password or account does not exist
        return INVALID_LOGIN_ERR;
    } elseif ($u["activation_code"] !== "0") {
        # account not verified
        return INACTIVE_ACCOUNT_ERR . " Please check your inbox for an email from us. Or click the button below to request another verification link. <br />\n        <form action='index' method='post' class='form-horizontal'>\n            <input type='hidden' name='user_id' value='{$u["user_id"]}' />\n            <div style='text-align: center'>\n                <button name='activate' class='btn btn-default' type='submit'>Submit</button>\n            </div>\n        </form>";
    } else {
        checkLoginRememberMe($email);
        return $u["user_id"];
    }
}
Example #27
0
 public function updateFillInfo()
 {
     $reqResult = new Result();
     $fillId = I('post.fillid', 0, 'intval');
     $field = array('creator', 'isprivate');
     $_fillInfo = FillBaseModel::instance()->getById($fillId, $field);
     if (empty($_fillInfo) || !checkAdmin(4, $_fillInfo['creator'])) {
         $reqResult->setStatus(false);
         $reqResult->setMessage("您没有权限进行此操作!");
     } else {
         if ($_fillInfo['isprivate'] == PrivilegeBaseModel::PROBLEM_SYSTEM && !checkAdmin(1)) {
             $reqResult->setStatus(false);
             $reqResult->setMessage("您没有权限进行此操作!");
         } else {
             $arr = FillConvert::convertFillFromPost();
             $result = FillBaseModel::instance()->updateById($fillId, $arr);
             if ($result !== false) {
                 $sql = "DELETE FROM `fill_answer` WHERE `fill_id`={$fillId}";
                 M()->execute($sql);
                 $ins = array();
                 for ($i = 1; $i <= $arr['answernum']; $i++) {
                     $answer = test_input($_POST["answer{$i}"]);
                     $ins[] = array("fill_id" => "{$fillId}", "answer_id" => "{$i}", "answer" => "{$answer}");
                 }
                 if ($arr['answernum']) {
                     M('fill_answer')->addAll($ins);
                 }
                 $pointIds = I('post.point', array());
                 KeyPointService::instance()->saveExamPoint($pointIds, $fillId, FillBaseModel::FILL_PROBLEM_TYPE);
                 $reqResult->setMessage("填空题修改成功!");
                 $reqResult->setData("fill");
             } else {
                 $reqResult->setStatus(false);
                 $reqResult->setMessage("填空题修改失败!");
             }
         }
     }
     return $reqResult;
 }
Example #28
0
    come e` pubblicata dalla Free Software Foundation; o la versione 2
    della licenza o (a propria scelta) una versione successiva.

    Questo programma  e` distribuito nella speranza  che sia utile, ma
    SENZA   ALCUNA GARANZIA; senza  neppure  la  garanzia implicita di
    NEGOZIABILITA` o di  APPLICABILITA` PER UN  PARTICOLARE SCOPO.  Si
    veda la Licenza Pubblica Generica GNU per avere maggiori dettagli.

    Ognuno dovrebbe avere   ricevuto una copia  della Licenza Pubblica
    Generica GNU insieme a   questo programma; in caso  contrario,  si
    scriva   alla   Free  Software Foundation,  Inc.,   59
    Temple Place, Suite 330, Boston, MA 02111-1307 USA Stati Uniti.
 --------------------------------------------------------------------------
*/
require("../../library/include/datlib.inc.php");
$admin_aziend=checkAdmin();
$msg = '';


if (isset($_POST['Update']) || isset($_GET['Update'])) {
    $toDo = 'update';
} else {
    $toDo = 'insert';
}

if (isset($_POST['Insert']) || isset($_POST['Update'])) {   //se non e' il primo accesso
    $form['ritorno'] = $_POST['ritorno'];
    $form['codice'] = intval($_POST['codice']);
    $form['descri'] = substr($_POST['descri'],0,50);
    $form['annota'] = substr($_POST['annota'],0,50);
    if (isset($_POST['Submit'])) { // conferma tutto
Example #29
0
<?php

if (!defined('__KIMS__')) {
    exit;
}
checkAdmin(0);
/* 알림을 보내는 방법 ************************************************************

- 다음의 함수를 실행합니다.
putNotice($rcvmember,$sendmodule,$sendmember,$message,$referer,$target);

$rcvmember	: 받는회원 UID
$sendmodule	: 보내는모듈 ID
$sendmember	: 보내는회원 UID (시스템으로 보낼경우 0)
$message	: 보내는 메세지 (관리자 및 허가된 사용자는 HTML태그 사용가능 / 일반 회원은 불가)
$referer	: 연결해줄 URL이 있을 경우 http:// 포함하여 지정
$target		: 연결할 URL의 링크 TARGET (새창으로 연결하려면 _blank)

********************************************************************************/
putNotice($my['uid'], $m, $my['uid'], _LANG('a3001', 'notification'), '', '');
getLink('reload', 'parent.', '', '');
Example #30
0
<?php

include "dblib.inc";
include "clublib.inc";
checkAdmin();
$message = "";
if (isset($actionflag)) {
    // controllo che abbia selezionato un cliente
    if (!isset($form['ID_Cliente']) || $form['ID_Cliente'] == "") {
        $message = "Devi selezionare il Cliente !";
    }
    if (isset($form['ID_Cliente']) && !($form['ID_Cliente'] == "")) {
        // trasformo il parametro ID_Cliente in var di sessione
        $session['ID_Cliente'] = $form['ID_Cliente'];
        header("Location: Admin_Composizione_Fattura.php");
        exit;
    }
}
$form['ID_Cliente'] = "";
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">



<html>

<head>

	<title>Nuova Fattura</title>