/**
 * Gate the current request behind a logged-in session of at least $minClass.
 *
 * After refreshing the session, the checks run in a fixed order and each
 * failure calls logout():
 *   1. the user must be logged in;
 *   2. the session's IID must equal its UIID, unless verifySAGlobal() passes;
 *   3. the session class must not be below $minClass (the failure is logged);
 *   4. for staff only, the stored fingerprint must equal get_fingerprint().
 * enforce_2fa() is called last.
 *
 * NOTE(review): nothing here returns after logout(), so every check relies on
 * logout() ending the request. If it can return, later checks and the caller
 * keep running for a rejected session. Confirm against logout()'s definition.
 *
 * @param int $minClass Lowest user class allowed through (compared with `<`).
 */
function enforce_authentication($minClass = CONFIG_UC_USER)
{
    login_session_refresh();

    $isLoggedIn = user_is_logged_in();
    if (!$isLoggedIn) {
        logout();
    }

    // verifySAGlobal() is consulted only when the two instance ids differ.
    $instanceMismatch = $_SESSION['IID'] != $_SESSION['UIID'];
    if ($instanceMismatch && !verifySAGlobal()) {
        logout();
    }

    $belowRequiredClass = $_SESSION['class'] < $minClass;
    if ($belowRequiredClass) {
        log_exception(new Exception('Class less than required'));
        logout();
    }

    // Only staff sessions are pinned to a fingerprint; other users skip this.
    if (user_is_staff()) {
        if ($_SESSION['fingerprint'] != get_fingerprint()) {
            logout();
        }
    }

    enforce_2fa();
}
Example #2
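/**
 * Send the Content-Type header and print the page head, the navigation bar
 * and the opening content containers, then set the global $head_sent flag.
 *
 * Output escaping in this function: only $title goes through
 * htmlspecialchars(). Every CONFIG_* constant, lang_get() string and helper
 * return value (dynamic_menu_content(), form_logout()) is written to the page
 * as-is, so those sources must already be safe for the HTML, attribute or
 * JavaScript context they land in.
 *
 * NOTE(review): the Bootstrap stylesheet is linked from a third-party CDN and
 * the link tag carries no integrity attribute, so the page trusts whatever
 * that host serves. Consider self-hosting it or adding Subresource Integrity.
 *
 * @param string $title Optional page title, HTML-escaped before output.
 */
function head($title = '')
{
    global $head_sent;
    header('Content-Type: text/html; charset=utf-8');
    echo '<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>', $title ? htmlspecialchars($title) . ' : ' : '', CONFIG_SITE_NAME, ' - ', CONFIG_SITE_SLOGAN, '</title>
    <meta name="description" content="', CONFIG_SITE_DESCRIPTION, '">
    <meta name="author" content="">
    <link rel="icon" href="', CONFIG_SITE_URL_STATIC_RESOURCES, 'img/favicon.png" type="image/png" />

    <!-- CSS -->
    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css" rel="stylesheet">
    <link href="', CONFIG_SITE_URL_STATIC_RESOURCES, 'css/mellivora.css" rel="stylesheet">';
    js_global_dict();
    // The analytics loader is emitted only when a key is configured. The key
    // is written unescaped into a JavaScript string literal.
    if (CONFIG_SEGMENT_IO_KEY) {
        echo '
        <script type="text/javascript">
        window.analytics=window.analytics||[],window.analytics.methods=["identify","group","track","page","pageview","alias","ready","on","once","off","trackLink","trackForm","trackClick","trackSubmit"],window.analytics.factory=function(t){return function(){var a=Array.prototype.slice.call(arguments);return a.unshift(t),window.analytics.push(a),window.analytics}};for(var i=0;i<window.analytics.methods.length;i++){var key=window.analytics.methods[i];window.analytics[key]=window.analytics.factory(key)}window.analytics.load=function(t){if(!document.getElementById("analytics-js")){var a=document.createElement("script");a.type="text/javascript",a.id="analytics-js",a.async=!0,a.src=("https:"===document.location.protocol?"https://":"http://")+"cdn.segment.io/analytics.js/v1/"+t+"/analytics.min.js";var n=document.getElementsByTagName("script")[0];n.parentNode.insertBefore(a,n)}},window.analytics.SNIPPET_VERSION="2.0.9",
        window.analytics.load("', CONFIG_SEGMENT_IO_KEY, '");
        window.analytics.page();
        </script>
        ';
    }
    echo '
</head>

<body>';
    // Anonymous visitors get the login dialog, which the "log in" menu entry
    // below opens through its data-target.
    if (!user_is_logged_in()) {
        login_dialog();
    }
    echo '
<div class="page">
    <nav class="header" id="header">
        <div id="header-inner">
            <div id="header-logo">
                <a href="', CONFIG_SITE_URL, '">
                    <h3 id="site-logo-text">', CONFIG_SITE_NAME, '</h3>
                    <div id="site-logo">
                        <object data="' . CONFIG_SITE_URL_STATIC_RESOURCES . 'img/mellivora.svg" type="image/svg+xml"></object>
                    </div>
                </a>
            </div>
            <div id="header-menu">
                <ul class="nav nav-pills pull-right" id="menu-main">';
    if (user_is_logged_in()) {
        // The admin link is only hidden from non-staff here; the admin pages
        // must enforce access themselves.
        if (user_is_staff()) {
            echo '<li><a href="', CONFIG_SITE_ADMIN_URL, '">', lang_get('manage'), '</a></li>';
        }
        echo '
                            <li><a href="', CONFIG_SITE_URL, 'home">', lang_get('home'), '</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'challenges">', lang_get('challenges'), '</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'hints">', lang_get('hints'), '</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'scores">', lang_get('scores'), '</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'profile">', lang_get('profile'), '</a></li>
                            ', dynamic_menu_content(), '
                            <li>', form_logout(), '</li>
                            ';
    } else {
        echo '
                            <li><a href="', CONFIG_SITE_URL, 'home">', lang_get('home'), '</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'scores">', lang_get('scoreboard'), '</a></li>
                            ', dynamic_menu_content(), '
                            <li><a href="', CONFIG_SITE_URL, 'register">', lang_get('register'), '</a></li>
                            <li><a href="" data-toggle="modal" data-target="#login-dialog">', lang_get('log_in'), '</a></li>
                        ';
    }
    echo '
                </ul>
            </div>
        </div>
    </nav><!-- navbar -->

    <div class="container" id="body-container">

        <div id="content-container">
        ';
    // Status banners are driven by the mere presence of a query parameter;
    // the parameter's value is never echoed. The first matching flag wins.
    // NOTE(review): the second argument (false) is passed through unchanged;
    // its meaning is defined by message_inline_*(), not visible here.
    if (isset($_GET['generic_success'])) {
        message_inline_green('<h3>' . lang_get('action_success') . '</h3>', false);
    } elseif (isset($_GET['generic_failure'])) {
        message_inline_red('<h3>' . lang_get('action_failure') . '</h3>', false);
    } elseif (isset($_GET['generic_warning'])) {
        // Fixed: this call used commas where the two branches above use '.',
        // so it passed four arguments. The message was just '<h3>' and the
        // translated text landed in the second parameter.
        message_inline_red('<h3>' . lang_get('action_something_went_wrong') . '</h3>', false);
    }
    $head_sent = true;
}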
Example #3
<?php

require '../include/mellivora.inc.php';
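// File download endpoint. Access is granted on possession of two keys taken
// from the query string: a per-user download key (team_key) and a per-file
// download key (file_key). No session login is checked in this script.
//
// NOTE(review): each failure path relies on message_error() ending the
// request; nothing here exits on its own. Confirm against its definition.

// Accept only a non-empty string. A missing, empty or array-valued parameter
// is treated as an invalid key without reaching the database, so an empty key
// can never match a row whose download_key happens to be empty.
$team_key = isset($_GET['team_key']) ? $_GET['team_key'] : null;
$user = (is_string($team_key) && $team_key !== '')
    ? db_select_one('users', array('id', 'enabled'), array('download_key' => $team_key))
    : false;
// !$user also covers a lookup that found no row, so a non-array result is
// never indexed.
if (!$user || !is_valid_id($user['id'])) {
    log_exception(new Exception('Invalid team key used for download'));
    message_error(lang_get('invalid_team_key'));
}
if (!$user['enabled']) {
    message_error(lang_get('user_not_enabled'));
}

$file_key = isset($_GET['file_key']) ? $_GET['file_key'] : null;
$file = (is_string($file_key) && $file_key !== '')
    ? db_query_fetch_one('
    SELECT
      f.id,
      f.title,
      f.size,
      f.md5,
      c.available_from
    FROM files AS f
    LEFT JOIN challenges AS c ON c.id = f.challenge
    WHERE f.download_key = :download_key', array('download_key' => $file_key))
    : false;
if (!$file || !is_valid_id($file['id'])) {
    log_exception(new Exception('Invalid file key used for download'));
    message_error(lang_get('no_file_found'));
}

// Files of a challenge that has not opened yet are held back for everyone
// except staff.
// NOTE(review): because of the LEFT JOIN, a file with no matching challenge
// has a NULL available_from. The comparison is then false and the file is
// always downloadable. Confirm that is intended.
if (time() < $file['available_from'] && !user_is_staff()) {
    message_error(lang_get('file_not_available'));
}
download_file($file);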
Example #4
/**
 * Send the Content-Type header and print the page head, the navigation pills
 * (with the current page marked active) and the opening content container.
 *
 * Only $title is passed through htmlspecialchars(). The CONFIG_* constants
 * are written to the page as-is and must already be safe for their context.
 *
 * NOTE(review): the Bootstrap stylesheet is linked from a third-party CDN and
 * the link tag carries no integrity attribute.
 *
 * @param string $title Optional page title, HTML-escaped before output.
 */
function head($title = '')
{
    header('Content-Type: text/html; charset=utf-8');

    // Escaped "<title> : " prefix, empty when no title was given.
    $titlePrefix = '';
    if ($title) {
        $titlePrefix = htmlspecialchars($title) . ' : ';
    }

    echo '<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>', $titlePrefix, CONFIG_SITE_NAME, ' - ', CONFIG_SITE_SLOGAN, '</title>
    <meta name="description" content="', CONFIG_SITE_DESCRIPTION, '">
    <meta name="author" content="">
    <link rel="icon" href="', CONFIG_SITE_URL, 'img/favicon.png" type="image/png" />

    <!-- CSS -->
    <link href="https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet">
    <link href="', CONFIG_SITE_URL, 'css/mellivora.css" rel="stylesheet">';
    js_global_dict();

    // The analytics loader is emitted only when a key is configured. The key
    // is written unescaped into a JavaScript string literal.
    if (CONFIG_SEGMENT_IO_KEY) {
        echo '
        <script type="text/javascript">
        window.analytics=window.analytics||[],window.analytics.methods=["identify","group","track","page","pageview","alias","ready","on","once","off","trackLink","trackForm","trackClick","trackSubmit"],window.analytics.factory=function(t){return function(){var a=Array.prototype.slice.call(arguments);return a.unshift(t),window.analytics.push(a),window.analytics}};for(var i=0;i<window.analytics.methods.length;i++){var key=window.analytics.methods[i];window.analytics[key]=window.analytics.factory(key)}window.analytics.load=function(t){if(!document.getElementById("analytics-js")){var a=document.createElement("script");a.type="text/javascript",a.id="analytics-js",a.async=!0,a.src=("https:"===document.location.protocol?"https://":"http://")+"cdn.segment.io/analytics.js/v1/"+t+"/analytics.min.js";var n=document.getElementsByTagName("script")[0];n.parentNode.insertBefore(a,n)}},window.analytics.SNIPPET_VERSION="2.0.9",
        window.analytics.load("', CONFIG_SEGMENT_IO_KEY, '");
        window.analytics.page();
        </script>
        ';
    }

    echo '
</head>

<body>

<div class="container" id="body-container">

    <div class="header" id="header">

            <ul class="nav nav-pills pull-right" id="menu-main">';

    $currentPage = requested_file_name();
    // Returns the class attribute for the pill matching the current page.
    $activeAttr = function ($page) use ($currentPage) {
        return $currentPage == $page ? ' class="active"' : '';
    };

    if (user_is_logged_in()) {
        // The admin link is only hidden from non-staff here; the admin pages
        // must enforce access themselves.
        if (user_is_staff()) {
            echo '<li', requested_file_name() == 'index' ? ' class="active"' : '', '><a href="', CONFIG_SITE_ADMIN_URL, '">Manage</a></li>';
        }
        echo '
                        <li', $activeAttr('home'), '><a href="', CONFIG_SITE_URL, 'home">Home</a></li>
                        <li', $activeAttr('challenges'), '><a href="', CONFIG_SITE_URL, 'challenges">Challenges</a></li>
                        <li', $activeAttr('hints'), '><a href="', CONFIG_SITE_URL, 'hints">Hints</a></li>
                        <li', $activeAttr('scores'), '><a href="', CONFIG_SITE_URL, 'scores">Scores</a></li>
                        <li', $activeAttr('profile'), '><a href="', CONFIG_SITE_URL, 'profile">Profile</a></li>
                        <li', $activeAttr('logout'), '><a href="', CONFIG_SITE_URL, 'logout">Log out</a></li>
                        ';
    } else {
        echo '
                        <li', $activeAttr('home'), '><a href="', CONFIG_SITE_URL, 'home">Home</a></li>
                        <li', $activeAttr('login'), '><a href="', CONFIG_SITE_URL, 'login">Log in / Register</a></li>
                        <li', $activeAttr('scores'), '><a href="', CONFIG_SITE_URL, 'scores">Scores</a></li>
                    ';
    }

    echo '
            </ul>

            <a href="', CONFIG_SITE_URL, '">
                <h3 id="site-logo-text">', CONFIG_SITE_NAME, '</h3>
                <div id="site-logo"/></div>
            </a>
    </div><!-- navbar -->

    <div id="content-container">
    ';

    // Status banners are driven by the mere presence of a query parameter;
    // the parameter's value is never echoed. The first matching flag wins.
    if (isset($_GET['generic_success'])) {
        message_inline_green('<h3>Success!</h3>', false);
    } elseif (isset($_GET['generic_failure'])) {
        message_inline_red('<h3>Failure!</h3>', false);
    } elseif (isset($_GET['generic_warning'])) {
        message_inline_red('<h3>Something went wrong! Most likely the action you attempted has failed.</h3>', false);
    }
}
Example #5
/**
 * Gate the current request behind a logged-in session of at least $min_class.
 *
 * After refreshing the session, the checks run in a fixed order and each
 * failure calls logout(): logged-in state, minimum class (the failure is
 * logged), and, for staff only, the stored session fingerprint against
 * get_fingerprint(). enforce_2fa() is called last.
 *
 * NOTE(review): nothing here returns after logout(), so every check relies on
 * logout() ending the request. Confirm against logout()'s definition.
 *
 * @param int  $min_class              Lowest user class allowed through.
 * @param bool $force_user_data_reload Passed straight to login_session_refresh().
 */
function enforce_authentication($min_class = CONST_USER_CLASS_USER, $force_user_data_reload = false)
{
    login_session_refresh($force_user_data_reload);

    $isLoggedIn = user_is_logged_in();
    if (!$isLoggedIn) {
        logout();
    }

    $belowRequiredClass = $_SESSION['class'] < $min_class;
    if ($belowRequiredClass) {
        log_exception(new Exception('Class less than required'));
        logout();
    }

    // Only staff sessions are pinned to a fingerprint; other users skip this.
    if (user_is_staff()) {
        if ($_SESSION['fingerprint'] != get_fingerprint()) {
            logout();
        }
    }

    enforce_2fa();
}
Example #6
/**
 * Tell whether the current user holds any of the privileged roles checked
 * here: senior staff, board, staff, or the 'manage_options' capability.
 *
 * NOTE(review): going by the name, this presumably gates IARD-only files;
 * the caller is not visible here.
 *
 * @return bool True as soon as one role check passes, false when none does.
 */
function iard_file_iard_only()
{
    // Evaluated left to right; later checks are skipped once one passes.
    return user_is_senior_staff()
        || user_is_board()
        || user_is_staff()
        || current_user_can('manage_options');
}
Example #7
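/**
 * Send the Content-Type header, select the active instance from the request
 * or session, and print the page head, the navigation bar and the opening
 * content containers.
 *
 * Output escaping: $title, the instance name ($_SESSION['IName']) and the
 * truncated user name ($_SESSION['UName']) are HTML-escaped. The CONFIG_*
 * constants and dynamic_menu_content() are written to the page as-is and must
 * already be safe for their context.
 *
 * NOTE(review): loadInstanceURI() and loadInstance() receive values straight
 * from the query string. Any validation has to happen inside them, which is
 * not visible here.
 * NOTE(review): the Bootstrap stylesheet is linked from a third-party CDN and
 * the link tag carries no integrity attribute.
 *
 * @param string $title Optional page title, HTML-escaped before output.
 */
function head($title = '')
{
    header('Content-Type: text/html; charset=utf-8');
    echo '<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <title>', $title ? htmlspecialchars($title) . ' : ' : '', CONFIG_SITE_NAME, ' - ', CONFIG_SITE_SLOGAN, '</title>
    <meta name="description" content="', CONFIG_SITE_DESCRIPTION, '">
    <meta name="author" content="">
    <link rel="icon" href="', CONFIG_SITE_URL, 'img/favicon.png" type="image/png" />

    <!-- CSS -->
    <link href="https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet">
    <link href="', CONFIG_SITE_URL, 'css/mellivora.css" rel="stylesheet">';
    js_global_dict();
    // The analytics loader is emitted only when a key is configured. The key
    // is written unescaped into a JavaScript string literal.
    if (CONFIG_SEGMENT_IO_KEY) {
        echo '
        <script type="text/javascript">
        window.analytics=window.analytics||[],window.analytics.methods=["identify","group","track","page","pageview","alias","ready","on","once","off","trackLink","trackForm","trackClick","trackSubmit"],window.analytics.factory=function(t){return function(){var a=Array.prototype.slice.call(arguments);return a.unshift(t),window.analytics.push(a),window.analytics}};for(var i=0;i<window.analytics.methods.length;i++){var key=window.analytics.methods[i];window.analytics[key]=window.analytics.factory(key)}window.analytics.load=function(t){if(!document.getElementById("analytics-js")){var a=document.createElement("script");a.type="text/javascript",a.id="analytics-js",a.async=!0,a.src=("https:"===document.location.protocol?"https://":"http://")+"cdn.segment.io/analytics.js/v1/"+t+"/analytics.min.js";var n=document.getElementsByTagName("script")[0];n.parentNode.insertBefore(a,n)}},window.analytics.SNIPPET_VERSION="2.0.9",
        window.analytics.load("', CONFIG_SEGMENT_IO_KEY, '");
        window.analytics.page();
        </script>
        ';
    }
    echo '
</head>

<body>';
    if (!user_is_logged_in()) {
        login_dialog();
    }

    // Both query parameters are optional. They are read through isset() so a
    // request without them no longer indexes a missing key. The loose
    // "!= null" test is kept, so an empty value still counts as absent.
    $instanceUri = isset($_GET['instanceURI']) ? $_GET['instanceURI'] : null;
    if ($instanceUri != null) {
        loadInstanceURI($instanceUri);
    }

    // The session is read only after loadInstanceURI() has run, as before.
    // An explicit instance id is honoured only while no instance is selected
    // and verifySAGlobal() fails.
    $instanceId = isset($_GET['instanceID']) ? $_GET['instanceID'] : null;
    if ($instanceId != null
        && (!isset($_SESSION['IID']) || $_SESSION['IID'] == null)
        && !verifySAGlobal()
    ) {
        loadInstance($instanceId);
    }

    // Fall back to instance '0' when nothing has been selected.
    if (!isset($_SESSION['IID']) || $_SESSION['IID'] == null) {
        loadInstance('0');
    }

    // Session-held display strings are escaped at the point of output, as
    // $title already is. They were previously written to the page raw.
    $instanceName = htmlspecialchars(
        isset($_SESSION['IName']) ? (string) $_SESSION['IName'] : '',
        ENT_QUOTES | ENT_SUBSTITUTE,
        'UTF-8'
    );

    echo '
<div class="page">
    <nav class="header" id="header">
        <div id="header-inner">
            <div id="header-logo">
                <a href="', CONFIG_SITE_URL, '">
                    <h4 id="site-logo-text">', CONFIG_SITE_NAME, '</h4>
                    <h6 id="site-logo-text">' . $instanceName . '</h6>
                    <div id="site-logo"/>
                        <img src = "../img/btn_DIS1.jpg" height="50" width="50"><img src = "../img/sit_it_choices.jpg" height="50" width="50">
                    </div>
                </a>
            </div>
            <div id="header-menu">
                <ul class="nav nav-pills pull-right" id="menu-main">';
    if (user_is_logged_in()) {
        // The admin link is only hidden from non-staff here; the admin pages
        // must enforce access themselves.
        if (user_is_staff()) {
            echo '<li><a href="', CONFIG_SITE_ADMIN_URL, '">Manage</a></li>';
        }
        // substr() cuts by bytes and may split a multi-byte character.
        // ENT_SUBSTITUTE keeps htmlspecialchars() from returning an empty
        // string in that case.
        echo '
                            <li><a href="', CONFIG_SITE_URL, 'home">Home</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'challenges">Challenges</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'scores">Scores</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'profile">Profile</a></li>
			    ', $_SESSION['IID'] == 0 ? '<li><a href="' . CONFIG_SITE_URL . 'game">Game</a></li>' : "", '
							
                            ', dynamic_menu_content(), '
                            <li><a href="', CONFIG_SITE_URL, 'logout">Log out (', htmlspecialchars(substr($_SESSION['UName'], 0, 10), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), ')</a></li>
                            ';
    } else {
        echo '
                            <li><a href="', CONFIG_SITE_URL, 'home">Home</a></li>
                            <li><a href="', CONFIG_SITE_URL, 'scores">Scores</a></li>
                            ', dynamic_menu_content(), '
                            <li><a href="', CONFIG_SITE_URL, 'register">Register</a></li>
                            <li><a href="" data-toggle="modal" data-target="#login-dialog">Log in</a></li>
                        ';
    }
    echo '
                </ul>
            </div>
        </div>
    </nav><!-- navbar -->

    <div class="container" id="body-container">

        <div id="content-container">
        ';
    // Status banners are driven by the mere presence of a query parameter;
    // the parameter's value is never echoed. The first matching flag wins.
    if (isset($_GET['generic_success'])) {
        message_inline_green('<h3>Success!</h3>', false);
    } elseif (isset($_GET['generic_failure'])) {
        message_inline_red('<h3>Failure!</h3>', false);
    } elseif (isset($_GET['generic_warning'])) {
        message_inline_red('<h3>Something went wrong! Most likely the action you attempted has failed.</h3>', false);
    }
}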