Example #1
0
<p>Nmap is installed on your machine. You can use it.</p>

<p>After scan you may have a look at directory:<br>
~/contest-2016/task3/ and investigate the exec.asm file.
File contains remote exploit which will reveal some secrets to you.
You must compile this file and send it to the port you found.<br>
If you are really curios hacker, you could take a look at exec.asm file content.
</p>

<?php 
if (is_hint()) {
    ?>

    <div class="hint">
        <?php 
    echo show_hint();
    ?>
    </div>

<?php 
}
?>
</p>


<form method="post">
    Answer: <input type="text" name="answer">
    <input type="submit" value="Submit">
</form>
 * absolutely no warranty. You can redistribute and/or modify it under the terms
 * of the GNU General Public License as published by the Free Software Foundation
 * (see <http://www.gnu.org/licenses/ for more information).
 *
 */
include_once 'database/dbPersons.php';
include_once 'domain/Person.php';
include_once 'database/dbShifts.php';
include_once 'domain/Shift.php';
include_once 'database/dbProjects.php';
include_once 'domain/Project.php';
error_log("In reportsAjax.php");
if (isset($_GET['q'])) {
    //Was $_POST changing it to $_GET allows hints to display - GIOVI
    $names = getall_volunteer_names();
    show_hint($names);
}
if (isset($_POST['_form_submit']) && $_POST['_form_submit'] == 'report') {
    show_report();
}
function show_report()
{
    error_log("******START: show_report******");
    $shifthistories = get_all_peoples_histories_in_shifts();
    // This returns a key sorted list of everyone's names that are or were in shifts; - GIOVI
    //The key being the the person's id and the associated value being the id of every shift s/he is in separated by commas. - GIOVI
    $projecthistories = get_all_peoples_histories_in_proj();
    //This returns a key sorted list of everyone's names that are or were in projects - GIOVI
    $name = $_POST['volunteer-names'];
    $from = "";
    $to = "";