<?php
require '../../../include/ctf.inc.php';
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
if ($_POST['action'] == 'edit') {
db_update('dynamic_pages', array('title' => $_POST['title'], 'body' => $_POST['body'], 'visibility' => $_POST['visibility'], 'min_user_class' => $_POST['min_user_class']), array('id' => $_POST['id']));
invalidate_cache($_POST['id'], CONST_CACHE_DYNAMIC_PAGES_GROUP);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_dynamic_page.php?id=' . $_POST['id'] . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('dynamic_pages', array('id' => $_POST['id']));
invalidate_cache($_POST['id'], CONST_CACHE_DYNAMIC_PAGES_GROUP);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_dynamic_pages.php?generic_success=1');
}
}
}
<?php
require '../../../include/mellivora.inc.php';
enforce_authentication(CONFIG_UC_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST['xsrf_token']);
if ($_POST['action'] == 'edit') {
db_update('news', array('title' => $_POST['title'], 'body' => $_POST['body']), array('id' => $_POST['id']));
invalidate_cache('home');
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_news.php?id=' . $_POST['id'] . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('news', array('id' => $_POST['id']));
invalidate_cache('home');
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_news.php?generic_success=1');
}
}
}
<?php
require '../../../include/mellivora.inc.php';
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
if ($_POST['action'] == 'edit') {
db_update('news', array('title' => $_POST['title'], 'body' => $_POST['body']), array('id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_HOME);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_news.php?id=' . $_POST['id'] . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('news', array('id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_HOME);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_news.php?generic_success=1');
}
}
}
<?php
require '../../../include/mellivora.inc.php';
enforce_authentication(CONFIG_UC_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_xsrf_token($_POST['xsrf_token']);
if ($_POST['action'] == 'new') {
$id = db_insert('hints', array('added' => time(), 'added_by' => $_SESSION['id'], 'challenge' => $_POST['challenge'], 'visible' => $_POST['visible'], 'body' => $_POST['body']));
if ($id) {
invalidate_cache('hints');
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . $id);
} else {
message_error('Could not insert new hint.');
}
}
}
<?php
require '../../../include/mellivora.inc.php';
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
if ($_POST['action'] == 'new') {
$id = db_insert('hints', array('added' => time(), 'added_by' => $_SESSION['id'], 'challenge' => $_POST['challenge'], 'visible' => $_POST['visible'], 'body' => $_POST['body']));
if ($id) {
invalidate_cache(CONST_CACHE_NAME_HINTS);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . $id);
} else {
message_error('Could not insert new hint.');
}
}
}
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
if ($_POST['action'] == 'edit') {
db_update('challenges', array('title' => $_POST['title'], 'description' => $_POST['description'], 'flag' => $_POST['flag'], 'automark' => $_POST['automark'], 'case_insensitive' => $_POST['case_insensitive'], 'points' => $_POST['points'], 'category' => $_POST['category'], 'exposed' => $_POST['exposed'], 'available_from' => strtotime($_POST['available_from']), 'available_until' => strtotime($_POST['available_until']), 'num_attempts_allowed' => $_POST['num_attempts_allowed'], 'min_seconds_between_submissions' => $_POST['min_seconds_between_submissions'], 'relies_on' => $_POST['relies_on']), array('id' => $_POST['id']));
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
delete_challenge_cascading($_POST['id']);
invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']);
invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . '?generic_success=1');
} else {
if ($_POST['action'] == 'upload_file') {
store_file($_POST['id'], $_FILES['file']);
invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['id'] . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete_file') {
delete_file($_POST['id']);
invalidate_cache(CONST_CACHE_NAME_FILES . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_challenge.php?id=' . $_POST['challenge_id'] . '&generic_success=1');
}
}
}
}
}
require '../../../include/ctf.inc.php';
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
if ($_POST['action'] == 'edit') {
validate_email($_POST['email']);
db_update('users', array('email' => $_POST['email'], 'team_name' => $_POST['team_name'], 'enabled' => $_POST['enabled'], 'competing' => $_POST['competing'], 'country_id' => $_POST['country']), array('id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('users', array('id' => $_POST['id']));
db_delete('submissions', array('user_id' => $_POST['id']));
db_delete('ip_log', array('user_id' => $_POST['id']));
db_delete('cookie_tokens', array('user_id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_USER . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
} else {
if ($_POST['action'] == 'reset_password') {
$new_password = generate_random_string(8);
$new_passhash = make_passhash($new_password);
db_update('users', array('passhash' => $new_passhash), array('id' => $_POST['id']));
message_generic('Success', 'Users new password is: ' . $new_password);
}
}
}
}
require '../../../include/mellivora.inc.php';
enforce_authentication(CONFIG_UC_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST['xsrf_token']);
validateAuthority(1, $_GET['id']);
if ($_POST['action'] == 'edit') {
validate_email($_POST['email']);
db_update('users', array('email' => $_POST['email'], 'team_name' => $_POST['team_name'], 'enabled' => $_POST['enabled'], 'competing' => $_POST['competing'], 'country_id' => $_POST['country'], 'remarks' => $_POST['remarks']), array('id' => $_POST['id']));
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('users', array('id' => $_POST['id']));
db_delete('submissions', array('user_id' => $_POST['id']));
db_delete('ip_log', array('user_id' => $_POST['id']));
db_delete('cookie_tokens', array('user_id' => $_POST['id']));
invalidate_cache('user_' . $_POST['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_users.php?generic_success=1');
} else {
if ($_POST['action'] == 'reset_password') {
$new_password = generate_random_string(8);
$new_passhash = make_passhash($new_password);
db_update('users', array('passhash' => $new_passhash), array('id' => $_POST['id']));
message_generic('Success', 'Users new password is: ' . $new_password);
}
}
}
}
<?php
require '../../../include/mellivora.inc.php';
enforce_authentication(CONST_USER_CLASS_MODERATOR);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
validate_id($_POST['id']);
validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
$challenge = db_select_one('hints', array('challenge AS id'), array('id' => $_POST['id']));
if ($_POST['action'] == 'edit') {
db_update('hints', array('body' => $_POST['body'], 'challenge' => $_POST['challenge'], 'visible' => $_POST['visible']), array('id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_HINTS);
invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $challenge['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'edit_hint.php?id=' . htmlspecialchars($_POST['id']) . '&generic_success=1');
} else {
if ($_POST['action'] == 'delete') {
if (!$_POST['delete_confirmation']) {
message_error('Please confirm delete');
}
db_delete('hints', array('id' => $_POST['id']));
invalidate_cache(CONST_CACHE_NAME_HINTS);
invalidate_cache(CONST_CACHE_NAME_CHALLENGE_HINTS . $challenge['id']);
redirect(CONFIG_SITE_ADMIN_RELPATH . 'list_hints.php?generic_success=1');
}
}
}
