function processAdjustUserDataRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
$adjust_user_id = $request->userID;
$adjust_user_row = Data::getRow(sprintf("SELECT * FROM {$prfx}user WHERE id=%s", Data::quote_smart($adjust_user_id)));
if (!$adjust_user_row) {
throwBusinessLogicError(2);
}
if ($user_row['user_type'] === 'Participant') {
throwBusinessLogicError(0);
}
if ($user_row['user_type'] === 'ContestAdmin' && $user_row['contest_id'] != $adjust_user_row['contest_id']) {
throwBusinessLogicError(0);
}
$queries = array();
if (!is_null($request->login)) {
$queries['login'] = $request->login;
}
if (!is_null($request->password)) {
$queries['password'] = $request->password;
}
if (!is_null($request->userData)) {
$queries['user_data'] = @serialize($request->userData);
}
if (!is_null($request->newType)) {
$queries['user_type'] = $request->newType;
}
$q = Data::composeUpdateQuery("user", $queries, sprintf("id=%s", Data::quote_smart($adjust_user_id)));
Data::submitModificationQuery($q);
return new AcceptedResponse();
}
function processGetUsersRequest($request)
{
$user_row = RequestUtils::testSession($request->sessionID);
$prfx = DB_PREFIX;
$user_type = $user_row['user_type'];
$contest_id = RequestUtils::getRequestedContest($request->contestID, $user_row['contest_id'], $user_type);
//make superadmin possible to get users of zero-contest
if ($user_type == 'SuperAdmin' && ($request->contestID == 0 || $request->contestID == -1)) {
$contest_id = 0;
}
if ($contest_id < 0 || $user_type === 'Participant') {
throwBusinessLogicError(0);
}
$rows = Data::getRows(sprintf("SELECT * FROM {$prfx}user WHERE contest_id={$contest_id}"));
$res = new GetUsersResponse();
$res->users = array();
while ($row = Data::getNextRow($rows)) {
$ud = new UserDescription();
$ud->userID = (int) $row['id'];
$ud->login = $row['login'];
$ud->password = $row['password'];
$ud->dataValue = Data::_unserialize($row['user_data'], array());
$ud->userType = $row['user_type'];
$res->users[] = $ud;
}
return $res;
}
function processRemoveContestRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
$contest_id = $request->contestID;
//simple security check
if (!is_numeric($contest_id)) {
throwBusinessLogicError(14);
}
if ($user_row['user_type'] !== 'SuperAdmin') {
throwBusinessLogicError(0);
} else {
if ($contest_id === 0) {
throwBusinessLogicError(16);
}
}
//get all users of the contest
$contest_user_rows = Data::getRows("SELECT id FROM {$prfx}user WHERE contest_id={$contest_id}");
//compose where clause for delete query
$where_user_id = "";
while (list($user_id) = Data::getNextRow($contest_user_rows)) {
$where_user_id .= 'user_id=' . $user_id . 'OR';
}
$where_user_id .= '0=1';
Data::submitModificationQuery("DELETE FROM {$prfx}contest WHERE id={$contest_id}");
Data::submitModificationQuery("DELETE FROM {$prfx}problem WHERE contest_id={$contest_id}");
Data::submitModificationQuery("DELETE FROM {$prfx}problem_status WHERE {$where_user_id}");
Data::submitModificationQuery("DELETE FROM {$prfx}session WHERE {$where_user_id}");
Data::submitModificationQuery("DELETE FROM {$prfx}submission_history WHERE {$where_user_id}");
Data::submitModificationQuery("DELETE FROM {$prfx}user WHERE contest_id={$contest_id}");
return new AcceptedResponse();
}
function processDownloadPluginRequest($request)
{
//test rights
if ($request->side !== 'Client') {
$user = RequestUtils::testSession($request->sessionID);
if ($user['user_type'] !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
}
//test plugin alias
if (preg_match('/^[\\p{L}0-9 ]+$/', $request->pluginAlias) === 0) {
throwBusinessLogicError(238);
}
//test file name to be a pure file name
if (strpos($request->pluginAlias, '/') || strpos($request->pluginAlias, '\\')) {
throwBusinessLogicError(6);
}
$res = new DownloadPluginResponse();
if ($request->side === 'Client') {
$res->pluginBytes = @file_get_contents($GLOBALS['dces_dir_client_plugins'] . '/' . $request->pluginAlias . '.jar') or throwBusinessLogicError(6);
} else {
$res->pluginBytes = @file_get_contents($GLOBALS['dces_dir_server_plugins'] . '/' . $request->pluginAlias . '.php') or throwBusinessLogicError(6);
}
return $res;
}
function &formBackingObject(&$request)
{
$post_id = RequestUtils::getPathWithinHandlerMapping();
if (is_null($post_id) || $post_id == '') {
show_error('EditPost', 'No post id specified.');
}
$post = $this->postDAO->getPostById($post_id);
if (is_null($post)) {
show_error('EditPost', 'Post not found.');
}
return $post;
}
function &handleRequestInternal(&$request, &$response)
{
$post_id = RequestUtils::getPathWithinHandlerMapping();
if (is_null($post_id) || $post_id == '') {
show_error('DeletePost', 'No post id specified.');
}
$post = new Post();
$post->id = $post_id;
$this->postDAO->deletePost($post);
$mv = new ModelAndView($this->successView);
return $mv;
}
function processAdjustPluginRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
//authorize
if ($user_row['user_type'] !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
//test plugin alias
if (preg_match('/^[\\p{L}0-9 ]+$/', $request->pluginAlias) === 0) {
throwBusinessLogicError(238);
}
$plugin_type = $request->side === 'Client' ? 'client' : 'server';
//test if there already is such plugin
$where_clause = sprintf("alias=%s", Data::quote_smart($request->pluginAlias));
$plugin_row = Data::getRow("SELECT * FROM {$prfx}{$plugin_type}_plugin WHERE {$where_clause}");
if ($plugin_row) {
$modify = true;
} else {
$modify = false;
}
//test all parameters specified
if (!$modify && is_null($request->description)) {
$request->description = "";
}
if (!$modify && (is_null($request->pluginData) || is_null($request->description))) {
throwBusinessLogicError(1);
}
//TODO test pluginAlias to be secure
if ($plugin_type === 'client') {
$ext = '.jar';
} else {
$ext = '.php';
}
//set file data
if (!is_null($request->pluginData)) {
file_put_contents($GLOBALS["dces_dir_{$plugin_type}_plugins"] . '/' . $request->pluginAlias . $ext, $request->pluginData);
}
//prepare set plugin description
$col_value = array();
if (!is_null($request->description)) {
$col_value['description'] = $request->description;
}
if ($modify) {
$query = Data::composeUpdateQuery("{$plugin_type}_plugin", $col_value, $where_clause);
} else {
$col_value['alias'] = $request->pluginAlias;
$query = Data::composeInsertQuery("{$plugin_type}_plugin", $col_value);
}
Data::submitModificationQuery($query);
return new AcceptedResponse();
}
function processConnectToContestRequest($request)
{
$prfx = DB_PREFIX;
//find user in table
$row = Data::getRow(sprintf("SELECT {$prfx}user.*, {$prfx}contest.settings\r\n FROM {$prfx}user\r\n LEFT JOIN {$prfx}contest\r\n ON {$prfx}user.contest_id = {$prfx}contest.id\r\n WHERE login=%s AND contest_id=%s", Data::quote_smart($request->login), Data::quote_smart($request->contestID)));
//test if there is at least one user
if (!$row) {
throwBusinessLogicError(12);
}
//test password
if ($row['password'] !== $request->password) {
throwBusinessLogicError(12);
}
//get contest settings and contest time
$settings = Data::_unserialize($row['settings'], null);
if (is_null($row['contest_start'])) {
$now = getdate();
$now = $now[0];
$q = Data::composeUpdateQuery('user', array('contest_start' => DatePHPToMySQL($now)), "id={$row['id']}");
Data::submitModificationQuery($q);
$row['contest_start'] = $now;
}
$contest_time = getCurrentContestTime($settings, DateMySQLToPHP($row['contest_start']), DateMySQLToPHP($row['contest_finish']));
if ($contest_time['interval'] === 'before' && $row['user_type'] === 'Participant') {
throwBusinessLogicError(19);
}
//start new session
$session_id = RequestUtils::createSession($row['id']);
//get finish time
if (is_null($settings)) {
$finish_time = 0;
} elseif ($settings->contestTiming->selfContestStart) {
$finish_time = $row['contest_start'] + 60 * $settings->contestTiming->maxContestDuration;
} else {
$finish_time = $settings->finish;
}
if (is_null($finish_time)) {
$finish_time = 0;
}
$res = new ConnectToContestResponse();
$res->sessionID = $session_id;
$res->finishTime = $finish_time;
$res->user = new UserDescription();
$res->user->userID = (int) $row['id'];
$res->user->login = $request->login;
$res->user->dataValue = Data::_unserialize($row['user_data'], array());
$res->user->userType = $row['user_type'];
return $res;
}
function processCreateContestRequest($request)
{
//get user_id or die, if session is invalid
$user_row = RequestUtils::testSession($request->sessionID);
//authorize user for this operation
$user_type = $user_row['user_type'];
if ($user_type !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
unset($request->contest->contestID);
RequestUtils::assertContestSettingsIntegrity($request->contest);
$col_value = array('settings' => serialize($request->contest));
Data::submitModificationQuery(Data::composeInsertQuery('contest', $col_value));
Data::execPendingQueries();
$id = Data::getInsertedID();
$ccr = new CreateContestResponse();
$ccr->createdContestID = $id;
return $ccr;
}
public static function testSession($session_id)
{
//returns user id, dies absolutely if session is invalid
$prfx = DB_PREFIX;
//test session ID to have only alphanumeric characters
$session_regexp = "^[a-zA-Z0-9_]+\$";
if (!ereg($session_regexp, $session_id)) {
throwBusinessLogicError(3);
}
//test if there is at least one such user
$user_row = Data::getRow("SELECT {$prfx}user.*, {$prfx}contest.settings\r\n FROM {$prfx}session\r\n INNER JOIN {$prfx}user\r\n ON {$prfx}session.user_id={$prfx}user.id\r\n LEFT JOIN {$prfx}contest\r\n ON {$prfx}user.contest_id={$prfx}contest.id\r\n WHERE session_id='{$session_id}'");
if (!$user_row) {
throwBusinessLogicError(3);
}
if (is_null($user_row['settings'])) {
$user_row['settings'] = serialize(null);
}
RequestUtils::$user_row = $user_row;
//return found user
return $user_row;
}
function processRemovePluginRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
//authorize
if ($user_row['user_type'] !== 'SuperAdmin') {
throwBusinessLogicError(0);
}
//test plugin alias
if (preg_match('/^[\\p{L}0-9 ]+$/', $request->pluginAlias) === 0) {
throwBusinessLogicError(238);
}
$plugin_type = $request->side === 'Client' ? 'client' : 'server';
$plugin_ext = $request->side === 'Client' ? '.jar' : '.php';
//remove from db
Data::submitModificationQuery(sprintf("DELETE FROM {$prfx}{$plugin_type}_plugin WHERE alias=%s", Data::quote_smart($request->pluginAlias)));
//remove from disk
//TODO don't remove files outside the client plugins folder
unlink("{$plugin_type}_plugins/" . $request->pluginAlias . $plugin_ext);
return new AcceptedResponse();
}
/**
* Created by IntelliJ IDEA.
* User: Посетитель
* Date: 17.04.2009
* Time: 15:57:17
* To change this template use File | Settings | File Templates.
*/
function processStopContestRequest($request)
{
$user_row = RequestUtils::testSession($request->sessionID);
$requested_contest_id = $user_row['contest_id'];
if ($requested_contest_id <= 0) {
throwBusinessLogicError(0);
}
$settings = Data::_unserialize($user_row['settings']);
if (!$settings->contestTiming->selfContestStart) {
throwBusinessLogicError(0);
}
$time = getCurrentContestTime($settings, DateMySQLToPHP($user_row['contest_start']), DateMySQLToPHP($user_row['contest_finish']));
if ($time['interval'] === 'before') {
throwBusinessLogicError(19);
}
if ($time['interval'] === 'after') {
throwBusinessLogicError(20);
}
$now = getdate();
$now = $now[0];
Data::submitModificationQuery(Data::composeUpdateQuery('user', array('contest_finish' => DatePHPToMySQL($now)), "id={$user_row['id']}"));
}
function processAvailablePluginsRequest($request)
{
//Uncomment to check permissions
$user_row = RequestUtils::testSession($request->sessionID);
if ($user_row['user_type'] !== 'SuperAdmin' && $user_row['user_type'] !== 'ContestAdmin') {
throwBusinessLogicError(0);
}
$prfx = DB_PREFIX;
if ($request->pluginSide === 'Client') {
$table_name = $prfx . "client_plugin";
} else {
$table_name = $prfx . "server_plugin";
}
$rows = Data::getRows("SELECT * FROM {$table_name}");
$res = new AvailablePluginsResponse();
$res->aliases = array();
$res->descriptions = array();
while ($row = Data::getNextRow($rows)) {
$res->aliases[] = $row['alias'];
$res->descriptions[] = $row['description'];
}
return $res;
}
function processRemoveUserRequest($request)
{
$prfx = DB_PREFIX;
$user_row = RequestUtils::testSession($request->sessionID);
$remove_user_id = $request->userID;
$remove_user_row = Data::getRow(sprintf("SELECT *\r\n FROM {$prfx}user\r\n WHERE id=%s", Data::quote_smart($remove_user_id)));
if (!$remove_user_row) {
throwBusinessLogicError(2);
}
if ($user_row['user_type'] === 'Participant') {
throwBusinessLogicError(0);
}
if ($user_row['user_type'] === 'ContestAdmin' && $user_row['contest_id'] != $remove_user_row['contest_id']) {
throwBusinessLogicError(0);
}
//remove user $remove_user_id
$prfx = DB_PREFIX;
//from 'users' table
Data::submitModificationQuery(sprintf("DELETE FROM {$prfx}user WHERE id=%s", Data::quote_smart($remove_user_id)));
Data::submitModificationQuery(sprintf("DELETE FROM {$prfx}session WHERE user_id=%s", Data::quote_smart($remove_user_id)));
Data::submitModificationQuery(sprintf("DELETE FROM {$prfx}submission_history WHERE user_id=%s", Data::quote_smart($remove_user_id)));
Data::submitModificationQuery(sprintf("DELETE FROM {$prfx}problem_status WHERE user_id=%s", Data::quote_smart($remove_user_id)));
return new AcceptedResponse();
}
/**
* Created by IDEA.
* User: ilya
* Date: 12.10.2010
* Time: 23:26:24
* To change this template use File | Settings | File Templates.
*/
function processCheckerRequest($request)
{
RequestUtils::testSession($request->sessionID);
}
function getStringParameters(&$request, $parameterName)
{
$values = $request->getParameter($parameterName);
if (!is_array($values)) {
return array(RequestUtils::getStringParameter($request, $parameterName));
}
return $values;
}
function message($code, $arguments = null, $text = '', $textDomain = '', $htmlEscape = null, $jsEscape = false)
{
$result = RequestUtils::getMessage($code, $arguments, $text, $textDomain, $htmlEscape);
if ($jsEscape) {
$result = escape_javascript($result);
}
return $result;
}
function isCancelRequest(&$request)
{
return RequestUtils::hasSubmitParameter(&$request, $this->getCancelParamKey());
}
function _initErrorMessages()
{
if ($this->errorMessages == null) {
$this->errorMessages = array();
foreach ($this->objectErrors as $error) {
$this->errorMessages[] = RequestUtils::getMessage($error, null, '', $this->textDomain, $this->htmlEscape);
}
}
}
function processGetContestResultsRequest($request)
{
$prfx = DB_PREFIX;
//get $is_anonymous, $contest_id, $user_contest_row, $user_contest_start_time
if (!is_null($request->sessionID)) {
$is_anonymous = false;
$user_contest_row = RequestUtils::testSession($request->sessionID);
$contest_id = RequestUtils::getRequestedContest($request->contestID, $user_contest_row['contest_id'], $user_contest_row['user_type']);
if ($contest_id < 0) {
throwBusinessLogicError(14);
}
$user_contest_start_time = DateMySQLToPHP($user_contest_row['contest_start']);
$user_contest_finish_time = DateMySQLToPHP($user_contest_row['contest_finish']);
} else {
$is_anonymous = true;
$contest_id = $request->contestID;
$user_contest_start_time = null;
//contest was not started for anonymous
$user_contest_finish_time = null;
//and was not finished
}
//get $serialized_contest_settings
$need_request_for_contest_data = $is_anonymous || $user_contest_row['user_type'] === 'SuperAdmin';
if ($need_request_for_contest_data) {
if ($contest_id === 0) {
throwBusinessLogicError(14);
}
$contest_row = Data::getRow(sprintf("SELECT *\r\n FROM {$prfx}contest\r\n WHERE id=%s\r\n ", Data::quote_smart($contest_id)));
if (!$contest_row) {
throwBusinessLogicError(14);
}
$serialized_contest_settings = $contest_row['settings'];
} else {
$serialized_contest_settings = $user_contest_row['settings'];
}
//get $contest_settings
$contest_settings = Data::_unserialize($serialized_contest_settings);
//get $is_admin
$is_admin = !$is_anonymous && ($user_contest_row['user_type'] === 'SuperAdmin' || $user_contest_row['user_type'] === 'ContestAdmin');
//get $permission
$ctime = getCurrentContestTime($contest_settings, $user_contest_start_time, $user_contest_finish_time);
if (!$is_admin) {
if ($ctime['interval'] === 'before') {
throwBusinessLogicError(19);
}
if ($ctime['interval'] === 'contest' && !$ctime['is_ending']) {
$permission = $contest_settings->resultsAccessPolicy->contestPermission;
} else {
if ($ctime['is_ending']) {
$permission = $contest_settings->resultsAccessPolicy->contestEndingPermission;
} else {
if ($ctime['interval'] === 'after' && !$ctime['is_ending']) {
$permission = $contest_settings->resultsAccessPolicy->afterContestPermission;
}
}
}
} else {
$permission = 'FullAccess';
}
//test rights
if ($permission === 'NoAccess') {
throwBusinessLogicError(0);
}
if ($is_anonymous && $permission === "OnlySelfResults") {
throwBusinessLogicError(0);
}
//get problem rows
$all_problems_rows = Data::getRows(sprintf("SELECT *\r\n FROM {$prfx}problem\r\n WHERE {$prfx}problem.contest_id=%s\r\n ORDER BY {$prfx}problem.contest_pos ASC", Data::quote_smart($contest_id)));
//get users rows
if ($permission === 'FullAccess') {
$all_users_rows = Data::getRows(sprintf("SELECT *\r\n FROM {$prfx}user\r\n WHERE contest_id=%s", Data::quote_smart($contest_id)));
} else {
/* if $permission === 'OnlySelfResults'*/
$all_users_rows = $user_contest_row;
}
//create result
$result = new GetContestResultsResponse();
//fill columns ids
$result->headers = array();
$result->minorHeaders = array();
//the first column with 'user_id' and 'login'
if ($is_admin) {
$result->headers[] = 'admin info';
$result->minorHeaders[] = array('id', 'login');
}
//column with participant data
$result->headers[] = 'participant';
//get participant subcolumns
$data_subs = array();
$contest_user_data = $contest_settings->data;
if ($contest_user_data) {
foreach ($contest_settings->data as $df) {
if ($is_admin || $df->showInResult) {
$data_subs[] = $df->data;
}
}
}
$result->minorHeaders[] = $data_subs;
//columns with problems
$problem_ids = array();
$problem_cols = array();
while ($problem_row = Data::getNextRow($all_problems_rows)) {
$problem_ids[] = $problem_row['id'];
$result->headers[] = $problem_row['name'];
$col_names = Data::_unserialize($problem_row['column_names']);
$result->minorHeaders[] = $col_names;
$problem_cols[] = $col_names;
}
//fill results table
$result->table = array();
if ($permission === 'OnlySelfResults') {
$result->table[] = getTableRow($user_contest_row, $is_admin, $problem_ids, $problem_cols, $contest_settings->data);
$result->userLine = 0;
} else {
$ind = 0;
$result->userLine = -1;
while ($user_row = Data::getNextRow($all_users_rows)) {
$result->table[] = getTableRow($user_row, $is_admin, $problem_ids, $problem_cols, $contest_settings->data);
if ($user_row['id'] == $user_contest_row['id']) {
$result->userLine = $ind;
}
$ind++;
}
}
return $result;
}
function processSubmitSolutionRequest($request)
{
$prfx = DB_PREFIX;
//get user_id or die, if session is invalid
$userRow = RequestUtils::testSession($request->sessionID);
$user_id = $userRow['id'];
//authorize user for this operation
// get contest ID
$user_type = $userRow['user_type'];
//get problem row
$problem_row = Data::getRow(sprintf("SELECT * FROM {$prfx}problem WHERE id=%s", Data::quote_smart($request->problemID)));
if (!$problem_row) {
throwBusinessLogicError(4);
}
//get contest id of a problem
$problem_contest_id = $problem_row['contest_id'];
//test if we have rights to submit solution for the contest
$contest_id = RequestUtils::getRequestedContest($problem_contest_id, $userRow['contest_id'], $user_type);
if ($contest_id < 0) {
throwBusinessLogicError(0);
}
//get all settings
$contest_settings = Data::_unserialize($userRow['settings']);
//test submission time
$cur_time = getCurrentContestTime($contest_settings, DateMySQLToPHP($userRow['contest_start']), DateMySQLToPHP($userRow['contest_finish']));
if ($cur_time['interval'] === 'before') {
throwBusinessLogicError(19);
}
if ($cur_time['interval'] === 'after') {
throwBusinessLogicError(20);
}
$problem_settings = Data::_unserialize($problem_row['contest_settings']);
//test that not all submission attempts were used
$hist = Data::getRow(sprintf("SELECT COUNT(*) AS cnt FROM {$prfx}submission_history WHERE (problem_id=%s) AND (user_id=%s)", Data::quote_smart($request->problemID), Data::quote_smart($user_id)));
if ($hist >= getSetting($contest_settings->problemsDefaultSettings->sendCount, $problem_settings->sendCount)) {
throwBusinessLogicError(21);
}
//save submission result in history
$cur_php_time = getdate();
$col_value = array();
$col_value['problem_id'] = $request->problemID;
$col_value['user_id'] = $user_id;
$col_value['submission'] = serialize($request->problemResult);
$col_value['result'] = null;
//serialize($check_result);
$col_value['submission_time'] = DatePHPToMySQL($cur_php_time[0]);
//TODO implement asynchronous plugin
//get problem and create plugin
$problem = new Problem(getProblemFile($request->problemID));
$plugin_alias = $problem->getServerPlugin();
require_once getServerPluginFile();
require_once getServerPluginFile($plugin_alias);
$plugin = new $plugin_alias($problem);
//check solution
$last_result = $plugin->checkSolution(Data::getInsertedID(), $request->problemResult);
$col_value['result'] = serialize($last_result);
Data::submitModificationQuery(Data::composeInsertQuery('submission_history', $col_value));
//get result for result table and store in user
$all_results = Data::_unserialize($userRow['results']);
$user_result = ResultUtils::getUserResults($user_id, $request->problemID, getSetting($contest_settings->problemsDefaultSettings->tableResultChoice, $problem_settings->tableResultChoice), getSetting($contest_settings->problemsDefaultSettings->resultTransition, $problem_settings->resultTransition), $plugin, $last_result);
//update user result for results table
$all_results[$request->problemID] = $user_result;
Data::submitModificationQuery(Data::composeUpdateQuery('user', array('results' => serialize($all_results)), 'id=' . Data::quote_smart($user_id)));
//return submission result
$res = new AcceptedResponse();
return $res;
}
function processRegisterToContestRequest($request)
{
$prfx = DB_PREFIX;
//get user_id or die, if session is invalid
if (is_null($request->sessionID)) {
if (!is_numeric($request->contestID)) {
throwBusinessLogicError(14);
}
$contest_id = (int) $request->contestID;
$request_user_type = '__Anonymous';
} else {
$userRow = RequestUtils::testSession($request->sessionID);
$request_user_id = $userRow['id'];
$request_user_type = $userRow['user_type'];
$contest_id = RequestUtils::getRequestedContest($request->contestID, $userRow['contest_id'], $request_user_type);
//make possible for superadmin to register users of zero-contest
if ($request_user_type == 'SuperAdmin' && ($request->contestID == 0 || $request->contestID == -1)) {
$contest_id = 0;
}
if ($contest_id == -1) {
throwBusinessLogicError(0);
}
}
//test permissions
if ($contest_id != 0) {
$contest_row = Data::getRow(sprintf("SELECT * FROM {$prfx}contest WHERE id=%s", Data::quote_smart($contest_id))) or throwBusinessLogicError(14);
//test if this contest gets users only by admins
$contest_settings = @unserialize($contest_row['settings']);
if ($contest_settings->registrationType === 'ByAdmins') {
if ($request_user_type !== "ContestAdmin" && $request_user_type !== "SuperAdmin") {
throwBusinessLogicError(0);
}
}
} else {
if ($request_user_type !== "ContestAdmin") {
throwBusinessLogicError(0);
}
}
//get user from request
$u = $request->user;
//test that superadmins are registered only for 0 contest
if ($u->userType === 'SuperAdmin' && $contest_id != 0) {
throwBusinessLogicError(18);
}
//test that there is no user with the same login in this contest
if (Data::hasRows(sprintf("SELECT * FROM {$prfx}user WHERE contest_id=%s AND login=%s", Data::quote_smart($contest_id), Data::quote_smart($u->login)))) {
throwBusinessLogicError(14);
}
//not participants may be added only by admins
if ($u->userType !== "Participant") {
if ($request_user_type !== "ContestAdmin" && $request_user_type !== "SuperAdmin") {
throwBusinessLogicError(0);
}
}
//add user finally
$col_value = array();
$col_value['login'] = $u->login;
$col_value['password'] = $u->password;
$col_value['user_data'] = @serialize($u->dataValue);
$col_value['contest_id'] = $contest_id;
$col_value['user_type'] = $u->userType;
$col_value['results'] = @serialize(array());
if (strlen($u->login) == 0) {
throwBusinessLogicError(22);
}
if (week_password($u->password)) {
throwBusinessLogicError(23);
}
Data::submitModificationQuery(Data::composeInsertQuery('user', $col_value));
return new AcceptedResponse();
}
function processGetContestDataRequest($request)
{
$prfx = DB_PREFIX;
$is_anonymous = is_null($request->sessionID);
if (!$is_anonymous) {
//get user_id or die, if session is invalid
$userRow = RequestUtils::testSession($request->sessionID);
$user_id = $userRow['id'];
//authorize user for this operation
// get contest ID
$user_type = $userRow['user_type'];
//compare requested contest and user contest
$contest_id = RequestUtils::getRequestedContest($request->contestID, $userRow['contest_id'], $user_type);
} else {
$contest_id = $request->contestID;
}
if ($contest_id <= 0) {
throwBusinessLogicError(0);
}
//create response
$res = new GetContestDataResponse();
//fill contest description with data
//query db
$row = Data::getRow(sprintf("SELECT * FROM {$prfx}contest WHERE id=%s", Data::quote_smart($contest_id))) or throwBusinessLogicError(14);
//TODO remove this code duplication, the code is similar to AvailableContests.php
$c = Data::_unserialize($row['settings']);
$c->contestID = (int) $row['id'];
$res->contest = $c;
//fill problem data
if ($is_anonymous) {
return $res;
}
//query db to find out problems
$problems_rows = Data::getRows(sprintf("SELECT * FROM {$prfx}problem WHERE contest_id=%s ORDER BY contest_pos ASC", Data::quote_smart($contest_id)));
//fill problems data
$res->problems = array();
$info_type = $request->infoType;
$extended_data = $request->extendedData;
while ($row = Data::getNextRow($problems_rows)) {
$pd = new ProblemDescription();
$res->problems[] = $pd;
$pd->id = (int) $row['id'];
$pd->settings = Data::_unserialize($row['contest_settings']);
//do we need any information
if ($info_type == 'NoInfo') {
continue;
}
//do we need to return some info for this problem
if (!is_null($extended_data) && !in_array($pd->id, $extended_data)) {
continue;
}
$problem = new Problem(getProblemFile($pd->id));
if ($info_type !== 'NoInfo') {
//fill extended data: statement or statementData and answerData
if ($info_type === "ParticipantInfo") {
$pd->problem = $problem->getParticipantVersion($user_id)->getProblemBytes();
} elseif ($info_type === "AdminInfo") {
if ($user_type === "Participant") {
throwBusinessLogicError(0);
}
$pd->problem = $problem->getProblemBytes();
}
}
}
return $res;
}
function processAdjustContestRequest($request)
{
if (!$request->contest) {
throwBusinessLogicError(1, 'contest is null');
}
//get user_id or die, if session is invalid
$userRow = RequestUtils::testSession($request->sessionID);
//authorize user for this operation
// get contest ID
$user_type = $userRow['user_type'];
$contest_id = RequestUtils::getRequestedContest($request->contest->contestID, $userRow['contest_id'], $user_type);
if ($user_type === "Participant") {
$contest_id = -1;
}
if ($contest_id < 0) {
throwBusinessLogicError(0);
}
queryForContestDescription($request->contest, $contest_id);
//now adjust problems
if (!is_null($request->problems)) {
$tmp_files = queriesToAdjustProblems($request->problems, $contest_id);
}
Data::execPendingQueries();
$new_ids = Data::getInsertedIDs();
$id_ind = 0;
//rename temporary files and fill responseIDs
if (!is_null($request->problems)) {
$responseIDs = array();
$probs_cnt = count($request->problems);
for ($i = 0; $i < $probs_cnt; $i++) {
$p = $request->problems[$i];
$tmp = $tmp_files[$i];
if ($tmp) {
$new_id = $p->id;
if ($new_id < 0) {
$new_id = $new_ids[$id_ind++];
}
@rename($tmp, getProblemFile($new_id));
$responseIDs[] = $new_id;
} else {
$responseIDs[] = $p->id;
if ($p->id < 0) {
//for new tasks it must have been created a temporary file
throwServerProblem(202);
}
}
}
} else {
$responseIDs = NULL;
}
$response = new AdjustContestResponse();
$response->problemIDs = $responseIDs;
return $response;
}
/**
* returns a temporary file for the problem with the specified id
* @param $id
* @return unknown_type
*/
function getTemporaryProblemFile()
{
return $GLOBALS['dces_dir_temp'] . '/' . RequestUtils::random_str(10) . '.problem';
}
