Example #1
0
 /** Specifies the content for the admin interface view. */
 public function admin_interface()
 {
     $data['page_title'] = sprintf(lang('welcome'), current_username());
     $data['prio_comment_nr'] = count($this->commentModel->get_all_comments(TRUE));
     $data['call_min_exp'] = count($this->callerModel->get_experiments_without_callers());
     $data['leader_min_exp'] = count($this->leaderModel->get_experiments_without_leaders());
     $this->load->view('templates/header', $data);
     $this->authenticate->authenticate_redirect('admin_interface', $data, UserRole::Admin);
     $this->load->view('templates/footer');
 }
Example #2
0
 function create_new_submission_for_current_user()
 {
     $username = current_username();
     if ($username = NULL) {
         return FALSE;
     }
     $query = "INSERT INTO submissions (" . "user_id,status,timestamp) VALUES (" . current_user_id() . "," . "10,CURRENT_TIMESTAMP)";
     $successfull = mysql_query($query);
     if ($successfull) {
         mysql_query("UPDATE submissions SET latest = 0 WHERE user_id ='" . current_user_id() . "'");
     }
     return $successfull;
 }
 /** Deactivates the specified participant */
 public function deactivate($participant_id)
 {
     $this->participantModel->deactivate($participant_id, DeactivateReason::Manual);
     $p = $this->participantModel->get_participant_by_id($participant_id);
     // Inform all admins of this deactivation
     $url = $this->config->site_url() . 'participant/get/' . $participant_id;
     $users = $this->userModel->get_all_admins();
     foreach ($users as $user) {
         reset_language(user_language($user));
         $this->email->clear();
         $this->email->from(FROM_EMAIL, FROM_EMAIL_NAME);
         $this->email->to(in_development() ? TO_EMAIL_OVERRIDE : $user->email);
         $this->email->subject(lang('dereg_pp_subject'));
         $message = sprintf(lang('mail_heading'), $user->username);
         $message .= br(2);
         $message .= sprintf(lang('deac_pp_body'), name($p), $p->phone, current_username(), $url, $url);
         $message .= br(2);
         $message .= lang('mail_ending');
         $message .= br(2);
         $message .= lang('mail_disclaimer');
         $this->email->message($message);
         $this->email->send();
     }
     flashdata(sprintf(lang('p_deactivated'), name($p)));
     redirect($this->agent->referrer(), 'refresh');
 }
function getRankingsTableString($user_id, $viewmore = true, $viewresults = 10, $viewlink, $page = 0, $filter = null, $filterparam = null)
{
    // Avoid SQL injections
    if (!filter_var($user_id, FILTER_VALIDATE_INT)) {
        return "";
    } else {
        $user_id = intval($user_id);
    }
    if (!filter_var($page, FILTER_VALIDATE_INT)) {
        $page = 0;
    } else {
        $page = intval($page);
    }
    $user_id = mysql_real_escape_string($user_id);
    $page = mysql_real_escape_string($page);
    $filter = mysql_real_escape_string($filter);
    $filterparam = mysql_real_escape_string($filterparam);
    $page = $_GET["page"];
    if (!filter_var($page, FILTER_VALIDATE_INT)) {
        $page = 1;
    }
    $filter_text = $filter == NULL ? "" : "and {$filter} = '{$filterparam}'";
    /*
        $leaderboard_result = mysql_query("SELECT MAX(leaderboard_id) as id
       FROM leaderboards where complete=1");
        $row = mysql_fetch_assoc($leaderboard_result);
        $leaderboard_id = $row['id'];
    */
    $leaderboard_id = 159501;
    // Fetch row count
    $rowcount_query = <<<EOT
select
    count(1)
from
    rankings r 
    inner join submissions s on s.submission_id = r.submission_id
    inner join users u on u.user_id = s.user_id
    left outer join organizations o on o.org_id = u.org_id
    left outer join countries c on c.country_id = u.country_id
    inner join languages l on l.language_id = s.language_id
where
    leaderboard_id = {$leaderboard_id}
    {$filter_text}
EOT;
    $rowcount_data = mysql_query($rowcount_query);
    if ($rowcount_data) {
        list($rowcount) = mysql_fetch_row($rowcount_data);
    } else {
        $rowcount = 0;
    }
    // Fetch Only Rows Needed For Current Page
    $offset = $viewresults * ($page - 1);
    $rankings_query = <<<EOT
select
    u.user_id,
    u.username,
    s.*,
    r.*,
    c.country_id,
    c.name as country_name,
    c.flag_filename,
    o.org_id,
    o.name as org_name,
    l.language_id as language_id,
    l.name as programming_language,
    round(((r.wins + 0.5*r.draws)/(r.wins+r.draws+r.losses))*100, 2) as rank_percent
from
    rankings r 
    inner join submissions s on s.submission_id = r.submission_id
    inner join users u on u.user_id = s.user_id
    left outer join organizations o on o.org_id = u.org_id
    left outer join countries c on c.country_id = u.country_id
    inner join languages l on l.language_id = s.language_id
where
    leaderboard_id = {$leaderboard_id}
    {$filter_text}
order by
    rank asc
EOT;
    if ($viewmore) {
        $rankings_query .= " limit {$viewresults}";
    } else {
        if ($page != 0) {
            $rankings_query .= " limit {$viewresults} OFFSET " . $viewresults * ($page - 1);
        }
    }
    $rankings_results = mysql_query($rankings_query);
    // If query fails
    if (!$rankings_results || $rowcount == 0) {
        return "<p>Rankings are not available at the moment. Check back soon!</p>";
    }
    $pagination .= getPaginationString($page, $rowcount, $viewresults, $viewlink);
    $table = "";
    if ($filter != NULL) {
        $table .= "<a href=\"rankings.php\">&#0171; Back to Main Leaderboard</a>";
    }
    if (!$viewmore) {
        $table .= $pagination;
    }
    $table .= <<<EOT
<table class="leaderboard">
<thead>
<tr>
  <th>Rank</th>
  <!--<th>Score</th>-->
  <th>Username</th>
  <th>Country</th>
  <th>Organization</th>
  <th>Language</th>
  <th>Elo Score</th>
  <!--<th>Wins</th>-->
  <!--<th>Losses</th>-->
  <!--<th>Draws</th>-->
</tr>
</thead>
<tbody>
EOT;
    $old_score = 999999;
    $old_rank = -1;
    for ($i = 1; $row = mysql_fetch_assoc($rankings_results); $i += 1) {
        $username = htmlentities($row["username"]);
        $programming_language = $row["programming_language"];
        $score = $row["score"];
        $programming_language_link = urlencode($row["programming_language"]);
        $rank = $row["rank"];
        if ($score == $old_score) {
            $rank = $old_rank;
        }
        $old_score = $score;
        $old_rank = $rank;
        $rank = $filter == null ? $rank : $i + $offset . " <span title='Global Rank'>({$rank})</span>";
        $rank_percent = $row["rank_percent"];
        $wins = $row["wins"];
        $losses = $row["losses"];
        $draws = $row["draws"];
        $flag_filename = $row["flag_filename"];
        $country_id = $row["country_id"];
        $country_name = $row["country_name"];
        $country_name = $country_name == NULL ? "Unknown" : htmlentities($country_name);
        $org_name = htmlentities($row["org_name"]);
        $org_id = $row["org_id"];
        $user_id = $row["user_id"];
        $row_class = $i % 2 == 0 ? "even" : "odd";
        $flag_filename = $flag_filename == NULL ? "unk.png" : $flag_filename;
        $flag_filename = "<img alt=\"{$country_name}\" width=\"16\" height=\"11\" title=\"{$country_name}\" src=\"flags/{$flag_filename}\" />";
        if (current_username() == $username) {
            $table .= "  <tr class=\"{$row_class}, user\">\n";
        } else {
            $table .= "  <tr class=\"{$row_class}\">\n";
        }
        $table .= "    <td>{$rank}</td>\n";
        //$table .= "    <td>$rank_percent</td>\n";
        $table .= "    <td><a href=\"profile.php?user_id={$user_id}\">{$username}</a></td>\n";
        $table .= "    <td><a href=\"country_profile.php?country_id={$country_id}\">{$flag_filename}</a></td>";
        $table .= "    <td><a href=\"organization_profile.php?org_id={$org_id}\">{$org_name}</a></td>";
        $table .= "    <td><a href=\"language_profile.php?lang={$programming_language_link}\">{$programming_language}</a></td>";
        $table .= "    <td>{$score}</td>";
        //$table .= "    <td>$wins</td>";
        //$table .= "    <td>$losses</td>";
        //$table .= "    <td>$draws</td>";
        $table .= "  </tr>\n";
    }
    $table .= "</tbody></table>";
    if (!$viewmore) {
        $table .= $pagination;
    }
    if ($viewmore && $rowcount > $viewresults) {
        $table .= "<a href=\"{$viewlink}\">View More</a>";
    }
    return $table;
}
include 'session.php';
function safe_str($str)
{
    return mysql_real_escape_string(stripslashes($str));
}
if (!(logged_in_with_valid_credentials() && logged_in_as_admin())) {
    die("Forget it, you must be logged in as admin.");
}
if (!isset($_POST['user_id']) || !isset($_POST['reason'])) {
    die("Did not receive user_id or reason");
}
$user_id = safe_str($_POST['user_id']);
$reason = $_POST['reason'];
$query = "SELECT * from users where user_id=" . $user_id;
$result = mysql_query($query);
if (!result || mysql_num_rows($result) != 1) {
    die("Could not find the user account");
}
$user = mysql_fetch_assoc($result);
if ($user['password'] == "") {
    die("This account is already disabled");
}
$admin = current_username();
$bio = safe_str($user['bio'] . " - " . $reason . " by " . $admin);
$email = safe_str($user['email'] . " disabled");
$query = "UPDATE users SET email='{$email}', bio = '{$bio}', password = ''\n    WHERE user_id={$user_id}";
mysql_query($query);
$query = "UPDATE submissions SET latest=0 WHERE user_id={$user_id}";
mysql_query($query);
header("Location: profile.php?user_id=" . $user_id);
Example #6
0
				<li><?php 
    echo anchor('availability', lang('availability'));
    ?>
</li>
			</ul>
		</div>
		<?php 
}
?>

		<?php 
if (current_user_id() > 0) {
    ?>
		<div id="welcome">
		<?php 
    echo "<em>" . current_username() . " (" . strtolower(lang(current_role())) . ")" . "</em>";
    echo " | ";
    echo anchor('user/edit/' . current_user_id(), lang('edit_user_profile'));
    echo " | ";
    echo anchor('user/change_password/' . current_user_id(), lang('change_password'));
    echo " | ";
    if (user_role() === UserRole::Admin && !is_admin()) {
        echo anchor('login/switch_to/admin', lang('login_admin'));
        echo " | ";
    }
    if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_leader()) {
        echo anchor('login/switch_to/leader', lang('login_leader'));
        echo " | ";
    }
    if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_caller()) {
        echo anchor('login/switch_to/caller', lang('login_caller'));
Example #7
0
           $row = mysql_fetch_assoc($result);
           $queue_size = $row['count(1)'];
           if ($queue_size > 50) {
               echo "<p>Most likely to play next game within the
                   next $queue_size games.</p>";
           } else {
               echo "<p>Next game should be played soon.</p>";
           }
       }
    */
    echo "<h3><span>Latest Games</span><div class=\"divider\" /></h3>";
    echo getGamesTableString($user_id, true, 15, "profile_games.php?user_id={$user_id}");
    echo "<p></p>";
    echo "<h3><span>Recent Submissions</span><div class=\"divider\" /></h3>";
    echo getSubmissionTableString($user_id, true, 10, "profile_submissions.php?user_id={$user_id}");
}
//$cache->end();
//}
if (logged_in_with_valid_credentials() && logged_in_as_admin()) {
    $username = current_username();
    echo <<<EOT
<form  method="post" action="disable_account.php"
 onSubmit='return confirm("Are you sure you want do disable this account?")'>
  <h2>Disable Account:</h2>
  <p>Reason: <input name="reason" type="text" />&nbsp;by&nbsp;{$username}.</p>
  <input type="submit" value="Disable Account" />
  <input type="hidden" name="user_id" value="{$user_id}" />
</form>
EOT;
}
include 'footer.php';
Example #8
0
<div id="main">
<!-- <div id="wrapper"> -->
  <div id="header">
    <div class="grid">
    <h1>Google AI Challenge</h1>
    <h2>Organized by the University of Waterloo Computer Science Club and sponsored by Google</h2>
    <span id="sign">
      <?php 
if (logged_in_with_valid_credentials()) {
    ?>
        <a href="profile.php?user_id=<?php 
    echo current_user_id();
    ?>
">
          My Profile (<?php 
    echo htmlspecialchars(current_username());
    ?>
)
          </a> |
        <a href="logout.php">Sign Out</a>
      <?php 
} else {
    ?>
        <a href="login.php">Sign In</a> |
        <a href="register.php">Sign Up</a>
      <?php 
}
?>
    </span>
    </div>
  </div>